Trojan.DownLoader7.32896

Добавлен в вирусную базу Dr.Web: 2012-11-28

Описание добавлено: 2012-11-28

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%ALLUSERSPROFILE%\Start Menu\Programs\Startup\MSS.lnk

Изменения в файловой системе:

Создает следующие файлы:

<SYSTEM32>\msspic\34.jpg
<SYSTEM32>\msspic\33.jpg
<SYSTEM32>\msspic\32.jpg
<SYSTEM32>\msspic\37.jpg
<SYSTEM32>\msspic\36.jpg
<SYSTEM32>\msspic\35.jpg
<SYSTEM32>\msspic\28.jpg
<SYSTEM32>\msspic\27.jpg
<SYSTEM32>\msspic\26.jpg
<SYSTEM32>\msspic\31.jpg
<SYSTEM32>\msspic\30.jpg
<SYSTEM32>\msspic\29.jpg
<SYSTEM32>\msspic\38.jpg
<SYSTEM32>\msspic\47.jpg
<SYSTEM32>\msspic\46.jpg
<SYSTEM32>\msspic\45.jpg
<SYSTEM32>\msspic\50.jpg
<SYSTEM32>\msspic\49.jpg
<SYSTEM32>\msspic\48.jpg
<SYSTEM32>\msspic\41.jpg
<SYSTEM32>\msspic\40.jpg
<SYSTEM32>\msspic\39.jpg
<SYSTEM32>\msspic\44.jpg
<SYSTEM32>\msspic\43.jpg
<SYSTEM32>\msspic\42.jpg
<SYSTEM32>\msspic\25.jpg
<SYSTEM32>\msspic\8.jpg
<SYSTEM32>\msspic\7.jpg
<SYSTEM32>\msspic\6.jpg
<SYSTEM32>\msspic\11.jpg
<SYSTEM32>\msspic\10.jpg
<SYSTEM32>\msspic\9.jpg
<SYSTEM32>\msspic\2.jpg
<SYSTEM32>\msspic\1.jpg
<SYSTEM32>\<Имя вируса>.exe
<SYSTEM32>\msspic\5.jpg
<SYSTEM32>\msspic\4.jpg
<SYSTEM32>\msspic\3.jpg
<SYSTEM32>\msspic\12.jpg
<SYSTEM32>\msspic\21.jpg
<SYSTEM32>\msspic\20.jpg
<SYSTEM32>\msspic\19.jpg
<SYSTEM32>\msspic\24.jpg
<SYSTEM32>\msspic\23.jpg
<SYSTEM32>\msspic\22.jpg
<SYSTEM32>\msspic\15.jpg
<SYSTEM32>\msspic\14.jpg
<SYSTEM32>\msspic\13.jpg
<SYSTEM32>\msspic\18.jpg
<SYSTEM32>\msspic\17.jpg
<SYSTEM32>\msspic\16.jpg

Сетевая активность:

Подключается к:

'www.pi###lvd.com':80
'www.ce###s101.com':80
'ne####k.timeout.com':80
'no#####e.j-petite.net':80
'www.al##g.com':80
'www.ne####llpaperz.com':80
'www.ac###owbiz.com':80
'4.##.#logspot.com':80
'www.de##ow.net':80
'i1##.##otobucket.com':80
'im##.#mageshack.us':80
'www.my####wanted.com':80
'www.wa####pergate.com':80
'www.ce#####ty-pictures.ca':80
'lh#.#gpht.com':80
'ca####.#tock-wallpaper.com':80
'fa###.#tatic.flickr.com':80
'www.ce###itchy.com':80
'mi#########-hannah-montana-fans.wbs.cz':80
'im####.imageshack.us':80
'www.br##o.pl':80
'i4#.#inypic.com':80
'www.hd####papers.com':80
'me###.eyeblast.org':80
'www.mi#####rusheaven.com':80
'im####.movieplayer.it':80
'cd#.#uzznet.com':80
'mc#######09.files.wordpress.com':80
'www.pu###spain.com':80
'www.en######nmentwallpaper.com':80
'www.us###orge.com':80
'im####2.fanpop.com':80
'tw##########lkintoablog.files.wordpress.com':80
'www.xo##.co.il':80
'www.im###on.com.br':80
'im####1.fanpop.com':80

TCP:

Запросы HTTP GET:

4.##.#logspot.com/_TjAQv1M_Po4/SxRrncuo8mI/AAAAAAAAAJ8/NT_orIkuDhY/s1600/2009_hannah_montana_the_movie_019.jpg
im####.imageshack.us/img196/9490/hannahmontanathemovie66.jpg
im####2.fanpop.com/image/photos/9300000/HANNAH-MONTANA-hannah-montana-9351257-1024-768.jpg
www.pi###lvd.com/wp-content/gallery/Mileyworld/01.jpg
www.ce###s101.com/wallpapers/Miley_Cyrus/221196/Miley_Cyrus_Hannah_Montana_Wallpaper.jpg
www.al##g.com/Stars/h/hannah-montana-the-movie-myley-cyrus-billy-ray-cyrus.jpg
im####2.fanpop.com/images/photos/2700000/hannah123456-hannah-montana-2738273-1280-1024.jpg
www.ne####llpaperz.com/wp-content/uploads/2008/08/miley-cyrus-hannah-montana-teasing.jpg
www.ac###owbiz.com/images/still/hannah_montana_the_movie04.jpg
im####2.fanpop.com/images/photos/8500000/Hannah-Montana-hannah-montana-8536978-1290-800.jpg
www.de##ow.net/d/file/movies/2009-03/hannah-montana-476-2.jpg
www.ne####llpaperz.com/wp-content/uploads/2008/08/cute-miley-cyrus-hannah-montana.jpg
no#####e.j-petite.net/1/wp-content/uploads/2008/10/2.jpg
im##.#mageshack.us/img3/4741/hannahmontana18.jpg
im####.imageshack.us/img251/7841/hannahgal2.jpg
www.ce#####ty-pictures.ca/Celebrities/Hannah-Montana/Hannah-Montana-i164600-small.jpg
www.my####wanted.com/gallery/data/1368/miley-cyrus_dot_com_modeling-random8-001.jpg
www.wa####pergate.com/data/media/3318/Miley_Cyrus_27482.jpg
i1##.##otobucket.com/albums/p31/charmed_4evr/sjbm.jpg
ca####.#tock-wallpaper.com/resize/1440/900/02752_Hannah_Montana_WP1-1080p_122_905lo.jpg
cd#.#uzznet.com/media/jjr//2009/08/miley-kelly/miley-cyrus-kelly-preston-morton-mates-01.jpg
ne####k.timeout.com/newyork/resizeImage/htdocs/export_images/708/hannah.jpg
fa###.#tatic.flickr.com/2084/1998910672_9c0c84d399_o.jpg
www.ce###itchy.com/wp-content/uploads/2009/10/wenn5377310.jpg
lh#.#gpht.com/_-HtE11xwLN8/SJZQRqH4UkI/AAAAAAAABDQ/z4Fh8Z976yg/19.jpg
i4#.#inypic.com/15ppqwo.jpg
mi#########-hannah-montana-fans.wbs.cz/Miley-wallie-hannah-montana-1900754-1600-1200.jpg
im####.imageshack.us/img682/5650/hannahmontanawallpaper.jpg
tw##########lkintoablog.files.wordpress.com/2009/04/hannah_montana1.jpg
www.xo##.co.il/downloads/background/img/1280X960_1305.jpg
www.br##o.pl/download/tapety/miley_cyrus/1/1280x960.jpg
me###.eyeblast.org/newsbusters/static/2009/08/2009-08-10-FOX-TeenChoice-Miley.jpg
www.mi#####rusheaven.com/wallpapers/miley-cyrus-2-1280x960.jpg
www.mi#####rusheaven.com/wallpapers/miley-cyrus-1-1280x960.jpg
www.hd####papers.com/photo/albums/Miley_Cyrus_wallpaper/Miley_Cyrus_7.jpg
im####.movieplayer.it/2008/05/09/wallpaper-del-film-hannah-montana-miley-cyrus-best-of-both-worlds-concert-tour-68138.jpg
cd#.#uzznet.com/media/jj1//2009/02/miley-jogging/miley-cyrus-justin-gaston-jogging-shirtless-02.jpg
im####1.fanpop.com/images/photos/1600000/hannah-montana-i-luv-u-hannah-montana-1678352-1024-768.jpg
im####1.fanpop.com/images/image_uploads/miley-hannah-montana-1036525_1024_768.jpg
www.us###orge.com/Wallpapers/Celebrities/wallpaper/Miley-Cyrus-Hannah-Montana.jpg
mc#######09.files.wordpress.com/2009/09/hannah-montana-the-movie.jpg
im####2.fanpop.com/images/photos/3800000/hannah-montana-hannah-montana-3830254-1280-1024.jpg
www.en######nmentwallpaper.com/images/desktops/movie/tv_hannah_montana17.jpg
www.en######nmentwallpaper.com/images/desktops/movie/tv_hannah_montana09.jpg
im####1.fanpop.com/images/photos/1400000/disney-channel-hannah-montana-hannah-montana-1485924-1280-1024.jpg
im####2.fanpop.com/images/photos/5400000/Hannah-Montana-The-Movie-miley-cyrus-5466969-1280-1024.jpg
www.im###on.com.br/imagens/data/media/38/hannah_montana2.jpg
www.pu###spain.com/hannah_montana/fondos/fondo-de-escritorio-hannah-montana-6-1024x768.jpg
im####1.fanpop.com/images/photos/1600000/hannah-montana-hannah-montana-1637620-1024-768.jpg
im####2.fanpop.com/images/photos/3800000/Hannah-Montana-the-Movie-miley-cyrus-3867994-1280-1024.jpg

UDP:

DNS ASK www.pi###lvd.com
DNS ASK www.ce###s101.com
DNS ASK ne####k.timeout.com
DNS ASK no#####e.j-petite.net
DNS ASK www.al##g.com
DNS ASK www.ne####llpaperz.com
DNS ASK www.ac###owbiz.com
DNS ASK 4.##.#logspot.com
DNS ASK www.de##ow.net
DNS ASK i1##.##otobucket.com
DNS ASK im##.#mageshack.us
DNS ASK www.my####wanted.com
DNS ASK www.wa####pergate.com
DNS ASK www.ce#####ty-pictures.ca
DNS ASK lh#.#gpht.com
DNS ASK ca####.#tock-wallpaper.com
DNS ASK fa###.#tatic.flickr.com
DNS ASK www.ce###itchy.com
DNS ASK mi#########-hannah-montana-fans.wbs.cz
DNS ASK im####.imageshack.us
DNS ASK www.br##o.pl
DNS ASK i4#.#inypic.com
DNS ASK www.hd####papers.com
DNS ASK me###.eyeblast.org
DNS ASK www.mi#####rusheaven.com
DNS ASK im####.movieplayer.it
DNS ASK cd#.#uzznet.com
DNS ASK mc#######09.files.wordpress.com
DNS ASK www.pu###spain.com
DNS ASK www.en######nmentwallpaper.com
DNS ASK www.us###orge.com
DNS ASK im####2.fanpop.com
DNS ASK tw##########lkintoablog.files.wordpress.com
DNS ASK www.xo##.co.il
DNS ASK www.im###on.com.br
DNS ASK im####1.fanpop.com

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней