Техническая информация
- <SYSTEM32>\services.exe
- %WINDIR%\Explorer.EXE
- C:\RECYCLER\S-1-5-18\$2ebe1c2e2a38cb36436c4d1cb8c2630c\n
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$I58AFF310
- C:\RECYCLER\S-1-5-18\$2ebe1c2e2a38cb36436c4d1cb8c2630c\@
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$2ebe1c2e2a38cb36436c4d1cb8c2630c\@
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$2ebe1c2e2a38cb36436c4d1cb8c2630c\n
- из <Полный путь к вирусу> в C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$R58AFF310
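- '20#.#8.32.176':80 (символы «#» здесь и ниже — часть адреса или имени, скрытая в источнике; в таком виде значения не годятся для точного сопоставления в правилах блокировки или при поиске по журналам)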
- 'j.###mind.com':80
- 20#.#8.32.176/count.php?pa################################
- j.###mind.com/app/geoip.js
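- DNS ASK pz#>j�$ (в этой и соседних записях с префиксом «pz#» имя запроса содержит непечатаемые байты и отображается искажённо; исходные байты по тексту страницы восстановить нельзя)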
- DNS ASK pz#����
- DNS ASK pz#�A~
- DNS ASK pz#�k
- DNS ASK pz#!A�c
- DNS ASK pz#'�
- DNS ASK j.###mind.com
- DNS ASK pz#�Г
- DNS ASK pz#��
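- '11#.#41.48.249':16464 (у всех адресов этого списка общий порт 16464; в отличие от адресов, частично скрытых символами «#», он приведён полностью и может служить признаком при поиске в сетевых журналах)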
- '1.###.106.11':16464
- '18#.#37.137.38':16464
- '71.##4.138.6':16464
- '17#.28.14.8':16464
- '49.##4.58.39':16464
- '12#.#95.204.41':16464
- '68.##4.83.44':16464
- '14.##.33.245':16464
- '13#.#95.229.40':16464
- '98.##8.40.247':16464
- '16#.#54.253.254':16464
- '13#.#54.253.254':16464
- '18#.#54.253.254':16464
- '20#.#54.253.254':16464
- '19#.#54.253.254':16464
- '11#.#54.253.254':16464
- '24.##9.21.29':16464
- '76.#5.130.1':16464
- '92.#3.75.26':16464
- '92.##4.253.254':16464
- '88.##4.253.254':16464