Technical information
- Registry Editor (RegEdit)
- '<SYSTEM32>\cmd.exe' /c <Current directory>\<Virus name>.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\serasalegal112[1].pdf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MGJHFNSDGESGHFHGFDGHFGGHFNGGF[1].pac
- <Current directory>\<Virus name>.bat
- '20#.#8.162.21':80
- 'www.se#####xperian.com.br':80
- 'localhost':1038
- 'www.an#####coderpr1v8.com':80
- www.se#####xperian.com.br/serasaexperian/publicacoes/serasalegal/ftp/serasalegal112.pdf
- 20#.#8.162.21/MGJHFNSDGESGHFHGFDGHFGGHFNGGF.pac
- www.an#####coderpr1v8.com/VEMDINHEIROMISSAOCOPADOMUNDO.php
- DNS ASK www.se#####xperian.com.br
- DNS ASK www.an#####coderpr1v8.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''