Техническая информация
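Автозапуск (значения в ключах Run реестра; путь содержит локализованное имя каталога «Arquivos de programas», поэтому на системах с другой локалью он, вероятно, будет отличаться):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Main' = 'C:\Arquivos de programas\Gbp\Main.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Main' = 'C:\Arquivos de programas\Gbp\Main.exe'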
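Сетевые подключения (узел:порт; символы «#», по-видимому, заменяют скрытые в отчёте символы имени, поэтому для точного сопоставления эти строки непригодны):
- 'www.jh#####08host.com.br':80
- 'br.#sn.com':80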
Запрашиваемые по HTTP адреса:
- www.jh#####08host.com.br/confs/dados.html
- www.jh#####08host.com.br/Sender.php
- www.jh#####08host.com.br/vendo1987.php
DNS-запросы:
- DNS ASK www.jh#####08host.com.br
- DNS ASK br.#sn.com
- '<IP-адрес в локальной сети>':1036
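Окна (имя класса и заголовок), перечисленные в отчёте; судя по формату, это, вероятно, окна, наличие которых проверяет образец:
- ClassName: 'ComboBoxEx32' WindowName: 'Tiny H-Pot v1.6'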
- ClassName: 'ComboBoxEx32' WindowName: '<Служебное имя>'
- ClassName: 'ComboBoxEx32' WindowName: '<SYSTEM32>\cscript.exe'
- ClassName: 'ComboBoxEx32' WindowName: 'Connections Tray'
- ClassName: 'ComboBoxEx32' WindowName: 'Program Manager'
- ClassName: 'ComboBoxEx32' WindowName: 'MS_WebcheckMonitor'
- ClassName: 'ComboBoxEx32' WindowName: 'Power Meter'
- ClassName: 'ComboBoxEx32' WindowName: '<Служебное имя> - build Mar 22 2011'
- ClassName: 'ComboBoxEx32' WindowName: 'najaproject'
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ComboBoxEx32' WindowName: 'CiceroUIWndFrame'
- ClassName: 'ComboBoxEx32' WindowName: '<Имя вируса>'
- ClassName: 'ComboBoxEx32' WindowName: ''
- ClassName: 'ComboBoxEx32' WindowName: 'TF_FloatingLangBar_WndTitle'