Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'iximaria' = '<Полный путь к вирусу>'
- nod32.exe
- %WINDIR%\iximaria.exe
- 'su####camptac.com':80
- su####camptac.com/slideshows/biriba/teste.php
- DNS ASK su####camptac.com
- ClassName: 'hijack' WindowName: ''
- ClassName: 'norton' WindowName: ''
- ClassName: 'McAfee' WindowName: ''
- ClassName: 'Norman' WindowName: ''
- ClassName: 'Panda' WindowName: ''
- ClassName: 'free' WindowName: ''
- ClassName: 'avg_free_stb_pb_2013_2667_free' WindowName: ''
- ClassName: 'gbplugin' WindowName: ''
- ClassName: 'AVG' WindowName: ''
- ClassName: 'gbpsv' WindowName: ''
- ClassName: 'Avast' WindowName: ''
- ClassName: 'AntiVir' WindowName: ''
- ClassName: 'AvastUI' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'TrendMicro' WindowName: ''
- ClassName: 'Kaspersky' WindowName: ''
- ClassName: 'Symantec' WindowName: ''
- ClassName: 'BitDefender' WindowName: ''
- ClassName: 'NOD32' WindowName: ''