Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vbpregi' = ''
- <SYSTEM32>\msvbvm60.dll
- <SYSTEM32>\vbpregi.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].htm
- %TEMP%\rad6ED64.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vbpregi_back[1].htm
- <SYSTEM32>\vbpregi.exe
- <SYSTEM32>\MSINET.OCX
- <SYSTEM32>\VB6KO.DLL
- %TEMP%\~DFC87F.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].htm
- 'iw#.##nnycode.co.kr':80
- 'ad###.is-admin.com':80
- 'localhost':1036
- iw#.##nnycode.co.kr/vbpregi_back.php
- ad###.is-admin.com/log/install.php
- DNS ASK iw#.##nnycode.co.kr
- DNS ASK ad###.is-admin.com
- '<IP-адрес в локальной сети>':1037