Техническая информация
Изменения в реестре — служба usbhc настраивается на автоматический запуск (Start = 2):
- [<HKLM>\SYSTEM\ControlSet001\Services\usbhc] 'Start' = '00000002'
Запускаемые процессы и команды (файл usbhc.sys регистрируется как служба типа kernel):
- %TEMP%\nsq2.tmp\ns3.tmp "%WINDIR%\Temp\install_driver.bat"
- <SYSTEM32>\sc.exe create usbhc binPath= <DRIVERS>\usbhc.sys type= kernel start= auto DisplayName= usbhc
- <SYSTEM32>\sc.exe start usbhc
- <SYSTEM32>\sc.exe delete usbhc
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\install_driver.bat""
- <SYSTEM32>\sc.exe stop usbhc
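Файловые операции (часть путей повторяется; в этом тексте не указано, какие файлы создаются, а какие удаляются):
- %TEMP%\nsq2.tmp\nsExec.dll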
- %TEMP%\nsq2.tmp\ns3.tmp
- <DRIVERS>\usbhc.sys
- %WINDIR%\Temp\install_driver.bat
- %TEMP%\nsq2.tmp\nsExec.dll
- %WINDIR%\Temp\install_driver.bat
- %TEMP%\nsq2.tmp\ns3.tmp
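Сетевые соединения (порт 80; имена доменов частично замаскированы символами #, поэтому для точного сопоставления индикаторов они непригодны):
- 'th###bbj.com':80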
- 'tw###mdj.org':80
- 'ef###rmb.org':80
- 'bb###fsr.com':80
- 'qx###gei.com':80
- 'pe###dav.org':80
- 'oq###vbk.com':80
- 'eb###dvj.org':80
- 'tb###paf.org':80
- 'qd###ndp.org':80
HTTP-запросы (одинаковый путь /srv.php на всех узлах; параметры замаскированы):
- th###bbj.com/srv.php?&i##############
- tw###mdj.org/srv.php?&i##############
- ef###rmb.org/srv.php?&i##############
- bb###fsr.com/srv.php?&i##############
- qx###gei.com/srv.php?&i##############
- pe###dav.org/srv.php?&i##############
- oq###vbk.com/srv.php?&i##############
- eb###dvj.org/srv.php?&i##############
- tb###paf.org/srv.php?&i##############
- qd###ndp.org/srv.php?&i##############
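DNS-запросы (домен jb###qra.org встречается только здесь, в списках соединений и HTTP-запросов его нет):
- DNS ASK ef###rmb.org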
- DNS ASK th###bbj.com
- DNS ASK qx###gei.com
- DNS ASK jb###qra.org
- DNS ASK bb###fsr.com
- DNS ASK tw###mdj.org
- DNS ASK pe###dav.org
- DNS ASK oq###vbk.com
- DNS ASK eb###dvj.org
- DNS ASK tb###paf.org
- DNS ASK qd###ndp.org