Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RevCode-5704' = '%APPDATA%\RevCode-5704.exe'
- %ALLUSERSPROFILE%\Application Data\Revcode-113C2A45\svchost.exe
- <Полный путь к файлу> в %APPDATA%\RevCode-5704.exe
- 'fr#####la.53fb0701.to':80
- 'fr#####la.efe87401.to':80
- 'fr#####la.cf488101.to':80
- 'fr#####la.69385701.to':80
- 'fr####ola.wm01.to':80
- 'localhost':1039
- 'fr#####la.49b56c01.to':80
- http://fr#####la.efe87401.to/recv3.php
- http://fr#####la.cf488101.to/recv3.php
- http://fr#####la.53fb0701.to/recv3.php
- http://fr#####la.49b56c01.to/recv3.php
- http://fr#####la.69385701.to/recv3.php
- http://fr####ola.wm01.to/recv3.php
- DNS ASK fr#####la.1e517001.to
- DNS ASK fr#####la.cf488101.to
- DNS ASK fr#####la.93319601.to
- DNS ASK fr#####la.bb8c4e01.to
- DNS ASK fr#####la.81252b01.to
- DNS ASK fr#####la.49b56c01.to
- DNS ASK fr####ola.wm01.to
- DNS ASK fr#####la.69385701.to
- DNS ASK fr#####la.efe87401.to
- DNS ASK fr#####la.53fb0701.to
- '%ALLUSERSPROFILE%\Application Data\Revcode-113C2A45\svchost.exe' 2872