Техническая информация
Изменения в файловой системе
Создает следующие файлы
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
Сетевая активность
TCP
Запросы HTTP GET
- http://st####.tumblr.com/vr9xgox/Laznfengw/optica-icons.eot
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://x.##2.us/x.cer
- http://do#####dhackcheat.com/wp-content/uploads/2013/12/anime-ninja.jpg
- http://i1###.#hotobucket.com/albums/a543/GVmakesGames/Mobile%20Uploads/screen1_zps17d4b267.png
- http://or####.deviantart.net/bd46/f/2012/264/3/5/samus_aran_zero_suit_final_001_by_iononemillion-d5ffuck.png
- http://he####hrotter.de/24/flash-fx-618.png
- http://re####ktk.xtgem.com/images/Anim-Fx.v3.jpg
- http://4.##.#logspot.com/_lYydAs_fV0w/TPfYEjRYnFI/AAAAAAAAAPo/LOEbEO58TKE/s1600/vista-vs-7.png
- http://i.##img.com/vi/2TvlE5SFaxM/maxresdefault.jpg
- http://www.fi###uru.com/images/b/litecube_-_roundcube_skin_internet_mail-1005914.jpeg
- http://i1.##img.com/vi/XcHHfX3-lX8/hqdefault.jpg
- http://im#####.lisisoft.com/img/2/0/2086-1-fx-video-capture.jpg
- http://2.##.#logspot.com/-U_QenWjiXaw/UKxZvmXJdRI/AAAAAAAAAws/kp4xlOCR08o/s1600/shot2a.png
- http://im#.##othersoft.com/screenshots/softimage/a/animpixels-175882-6.jpeg
- http://3.##.#logspot.com/_je_xfZ5IKnE/SO0-3BUz3zI/AAAAAAAABbc/CjV3sYdImNc/s400/hid.jpg
- http://www.ar###base.de/content/images/BAFX%20_11.jpg
- http://s2.##cdn.net/EyKR0/526x297-hOz.jpg
- http://do######anyfilesthere.ru/img/89928-download-anim-fx.jpg
- http://sc######ots.en.sftcdn.net/en/scrn/20000/20031/anim-fx-10.jpg
- http://www.ma###date.com/images/screens/uploaded/JPG/39741_scr_uc2.jpg
- http://pr###amruss.ru/_ld/19/20546119.jpg
- http://im##.#alavida.com/mvimgbig/download/anim-fx-7374-1.jpg
- http://de.##lepc.net/cdn/images/178-image-123-Flash-Menu.jpg
- http://2.##.#logspot.com/_ncdU3x63x4k/R0fe-DNwFaI/AAAAAAAADa0/S4viO_2N7OI/s400/animfx.gif
- http://cu#####ymeter.net.in/jslib/jquery.fancybox-1.3.1.min.js
- http://cr#.#odaddy.com/gdig2s1-856.crl
- http://o.##2.us//MEowSDBGMEQwQjAJBgUrDgMCGgUABBSLwZ6EW5gdYc9UaSEaaLjjETNtkAQUv1%2B30c7dH4b0W1Ws3NcQwg6piOcCCQCnDkpMNIK3fw%3D%3D
UDP
- DNS ASK as####.tumblr.com
- DNS ASK im#####.lisisoft.com
- DNS ASK fi###uru.com
- DNS ASK i1.##img.com
- DNS ASK i.##img.com
- DNS ASK or####.deviantart.net
- DNS ASK go##nce.ru
- DNS ASK i1###.#hotobucket.com
- DNS ASK 4.##.#logspot.com
- DNS ASK do#####dhackcheat.com
- DNS ASK re####ktk.xtgem.com
- DNS ASK im#.##wnfocus.com
- DNS ASK aj##.#oogleapis.com
- DNS ASK im###########ed30a86b8c4ca887773594c2.wixmp.com
- DNS ASK x.##2.us
- DNS ASK cr#.#odaddy.com
- DNS ASK sc####shot.exe4.com
- DNS ASK public-trust.com
- DNS ASK he####hrotter.de
- DNS ASK 3.##.#logspot.com
- DNS ASK st####.tumblr.com
- DNS ASK cu#####ymeter.net.in
- DNS ASK un###cktube.pk
- DNS ASK 2.##.#logspot.com
- DNS ASK ki####imations.com
- DNS ASK de.##lepc.net
- DNS ASK s2.##cdn.net
- DNS ASK im##.#alavida.com
- DNS ASK do######anyfilesthere.ru
- DNS ASK pr###amruss.ru
- DNS ASK sc######ots.en.sftcdn.net
- DNS ASK gm#.#njify.com
- DNS ASK ma###date.com
- DNS ASK ar###base.de
- DNS ASK im###.nnm.me
- DNS ASK im#.##othersoft.com
- DNS ASK o.##2.us
Другое
Ищет следующие окна
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
