Technical information
- [<HKLM>\SYSTEM\CurrentControlSet\Services\Driver] 'ImagePath' = 'c:\Driver.sys'
- [<HKLM>\System\CurrentControlSet\Services\91K965] 'ImagePath' = '%TEMP%\91K965.dat'
- C:\adriver.dll
- C:\driver.sys
- %TEMP%\91k965.dat
- %WINDIR%\temp\udd4354.tmp