Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\tTvjnGl38l] 'ImagePath' = '<SYSTEM32>\NsR\tTvjnGl38l.X2A'
- NtQuerySystemInformation, handler driver: tTvjnGl38l.X2A
- <STUBS_DIR>\ccapp\SS988jbf.dll
- %TEMP%\IDLL.log
- <SYSTEM32>\blib.log
- <SYSTEM32>\NsR\tTvjnGl38l.X2A
- 'l.##dpd.com':7011
- 'bing.com':80
- 'qq.com':80
- http://www.bing.com/ via bing.com
- http://www.qq.com/ via qq.com
- DNS ASK www.qq.com
- DNS ASK www.bing.com
- DNS ASK l.##dpd.com
- DNS ASK s.##dpd.com
- '25#.#55.255.255':9131
- 's.##dpd.com':7012
- '<SYSTEM32>\rundll32.exe' "<STUBS_DIR>\ccapp\SS988jbf.dll",InstallHinfSection DefaultInstall 128