Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SonyAgent' = '<Полный путь к вирусу>'
- <DRIVERS>\npf.sys
- <SYSTEM32>\wpcap.dll
- <SYSTEM32>\Packet.dll
- 'localhost':1077
- '18#.#2.213.115':80
- '92.##4.67.252':80
- '95.##0.68.25':80
- 'localhost':1080
- '17#.#9.60.160':80
- 'localhost':1068
- 'localhost':1071
- 'localhost':1074
- '78.##.251.32':80
- 'localhost':1083
- '17#.#35.183.246':80
- 'localhost':1092
- '79.##4.248.10':80
- '93.##1.126.24':80
- '37.##.217.23':80
- 'localhost':1086
- '95.##.182.105':80
- '92.#4.66.27':80
- '78.##.98.110':80
- 'localhost':1089
- '17#.#9.34.62':80
- 'localhost':1044
- '95.##.228.11':80
- '86.##.183.67':80
- '62.##1.255.15':80
- 'localhost':1047
- '78.#7.48.34':80
- 'localhost':1035
- 'localhost':1038
- 'localhost':1041
- '95.##0.176.193':80
- 'localhost':1050
- '17#.#12.196.59':80
- 'localhost':1059
- 'localhost':1062
- 'localhost':1065
- '78.##.224.13':80
- 'localhost':1053
- '80.##.213.70':80
- '68.##4.208.181':80
- '10#.#07.121.8':80
- 'localhost':1056
- 93.##1.126.24/setup.htm
- 37.##.217.23/start.htm
- 79.##4.248.10/welcome.htm