Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Gostweb' = '<Полный путь к вирусу>'
- %WINDIR%\java\KBD_CRNJEUFU88E6680F.TXT
- %WINDIR%\java\URL_CRNJEUFU88E6680F.TXT
- 'sm##.##rreios.net.br':25
- DNS ASK sm##.##rreios.net.br
- '<IP-адрес в локальной сети>':1036
- ClassName: '' WindowName: 'IEXPLORER'
- ClassName: '' WindowName: 'MOD000'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'Mobile'
- ClassName: '' WindowName: 'Netmobile'