Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\gl-gajzqr-pfxy-awrk-wfdi-tinecqdfcuxsnscuejbidhrinbxlvrwbdmxyti-exzr_rizv-zhrq-cgns-nlmpjhmssp[1].php
- %APPDATA%\skype.ini
- %APPDATA%\skype.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dgksbafvsuduca-lauo-oxrqjgtydivk-fttmlx-ospm-cbrk_xsal-vnco-rkwbxconjlfv-akoftwkscjlauueaqpfz[1].php
- 'cc##w.ru':80
- 'pq##x.com':80
- cc##w.ru/gl-gajzqr-pfxy-awrk-wfdi-tinecqdfcuxsnscuejbidhrinbxlvrwbdmxyti-exzr_rizv-zhrq-cgns-nlmpjhmssp.php
- pq##x.com/dgksbafvsuduca-lauo-oxrqjgtydivk-fttmlx-ospm-cbrk_xsal-vnco-rkwbxconjlfv-akoftwkscjlauueaqpfz.php
- DNS ASK cc##w.ru
- DNS ASK pq##x.com