Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Аdobe® Flаsh® Player Installer/Uninstaller 11.1 r103' = '<SYSTEM32>\FlashSl.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C2C9B69-0851-697D-335A-E9578F46332F}] 'StubPath' = '<SYSTEM32>\FlashSl.exe'
- %WINDIR%\Explorer.EXE
- iexplore.exe
- ClassName: 'OLLYDBG' WindowName: ''
- <SYSTEM32>\FlashSl.exe
- %APPDATA%\Obsidium\{65955382-EC856A34-184EACCD-440B019F}
- <Полный путь к вирусу>:{D4A0FB07-9DBB12B9-C9845552-92D5591A}
- '85.##2.128.244':3389
- '21#.#1.62.33':3389
- '21#.#3.164.188':3389
- '79.##8.253.203':3389
- '19#.#51.40.74':3389
- '31.##4.220.251':3389