Техническая информация
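- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'kernel32' = '"<SYSTEM32>\kernel32.exe"' — запись автозапуска при загрузке системы; имя файла маскируется под системную библиотеку kernel32.dll (штатного файла kernel32.exe в Windows нет).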
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000' — нулевое значение отключает брандмауэр Windows для стандартного профиля.
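- Центр обеспечения безопасности (Security Center) — заголовок этого пункта на странице не сохранился; судя по соседней записи об отключении брандмауэра, это, вероятно, системная служба, работу которой образец нарушает.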
- %WINDIR%\regedit.exe /S "C:\AS.reg" — импорт файла реестра в «тихом» режиме (ключ /S подавляет диалоговые окна подтверждения).
- <SYSTEM32>\xxxxvic32.dll
- <SYSTEM32>\xxxxkernel32.exe
- C:\AS.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\logo[1].gif
- <SYSTEM32>\xxxxmsvbvm60.dll
- <SYSTEM32>\xxxxmswinsck.ocx
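- '74.##5.232.51':80 — часть адреса скрыта символами «##» в самом источнике; тот же замаскированный адрес указан ниже в URL запроса logo.gif.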
- 'localhost':1036
- 74.##5.232.51/logo.gif
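- DNS ASK www.google.com — DNS-запрос к легитимному домену (вероятно, проверка доступа в Интернет); сам по себе индикатором компрометации не является.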
- ClassName: 'RegEdit_RegEdit' WindowName: ''