Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\svehotwt] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- [<HKLM>\SYSTEM\ControlSet001\Services\svehotwt] 'ImagePath' = 'C:\system16\svisirt32.exe'
- C:\system16\svisirt32.exe
- C:\system16\svisirt64.exe
- C:\system16\ssleay32.dll
- C:\system16\libeay32.dll
- C:\system16\7z.dll
- %TEMP%\WERde2d.dir00\svisirt32.exe.mdmp
- %TEMP%\WERde2d.dir00\svisirt32.exe.hdmp
- %TEMP%\WERde2d.dir00\appcompat.txt
- %TEMP%\WERde2d.dir00\manifest.txt
- из C:\system16\ssleay32.dll в C:\system16\ssleay32.dll513
- из C:\system16\libeay32.dll в C:\system16\libeay32.dll436
- из C:\system16\7z.dll в C:\system16\7z.dll964
- C:\system16\ssleay32.dll
- C:\system16\libeay32.dll
- C:\system16\7z.dll
- '86.##5.1.142':80
- http://86.##5.1.142/flag/index.php?&1###########################
- http://86.##5.1.142/flag/index.php?&1####################
- http://86.##5.1.142/flag/index.php?&1#####
- 'C:\system16\svisirt32.exe'