Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'CRNJEUFU' = '<Полный путь к вирусу>'
- %TEMP%\verif_meu.txt
- 'da###ay.hut4.ru':80
- 'ti####.phpnet.org':80
- ti####.phpnet.org/decor-de-charme/images_site/gyn.txt
- da###ay.hut4.ru/visinho/meu.php
- DNS ASK da###ay.hut4.ru
- DNS ASK ti####.phpnet.org
- ClassName: 'Frame Tab' WindowName: ''
- ClassName: 'MozillaWindowClass' WindowName: ''
- ClassName: 'Chrome_WidgetWin_0' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: 'Internet Explorer_Server' WindowName: ''