Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ohifejdapljvzvyx-ohwklgduys-coqscosyph-danl-vaplzrnnop_amtw-mvjp-xxno-mxux-ftygwpqjxq-gljukdll[1].php
- %APPDATA%\skype.ini
- %APPDATA%\skype.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kgoxpy-drrc_zrxqehdwbwamiofmptyhtwjv-amba-zagxqnppgdcuexxoshza-mxlaopxynscuoefqelrabiprns[1].php
- 'fp#h.su':80
- 'gg##v.net':80
- fp#h.su/ohifejdapljvzvyx-ohwklgduys-coqscosyph-danl-vaplzrnnop_amtw-mvjp-xxno-mxux-ftygwpqjxq-gljukdll.php
- gg##v.net/kgoxpy-drrc_zrxqehdwbwamiofmptyhtwjv-amba-zagxqnppgdcuexxoshza-mxlaopxynscuoefqelrabiprns.php
- DNS ASK fp#h.su
- DNS ASK gg##v.net