Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SonyAgent' = '<Полный путь к вирусу>'
- '<SYSTEM32>\taskhost.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- <Полный путь к вирусу>
- '95.##.138.224':80
- 'localhost':49197
- 'localhost':49200
- 'localhost':49203
- '88.##5.93.28':80
- 'localhost':49191
- '77.##1.143.112':80
- '21#.#5.193.33':80
- '94.##0.236.115':80
- 'localhost':49194
- '17#.#03.204.102':80
- 'localhost':49215
- '78.#0.217.8':80
- '17#.#4.114.73':80
- '91.#18.91.2':80
- '46.##0.109.19':80
- '17#.#6.80.32':80
- 'localhost':49206
- 'localhost':49209
- 'localhost':49212
- '89.##0.11.70':80
- 'localhost':49167
- '95.##1.221.69':80
- '15#.#24.156.12':80
- '5.##8.40.71':80
- 'localhost':49170
- '31.##8.105.236':80
- 'localhost':49158
- 'localhost':49161
- 'localhost':49164
- '17#.#22.181.7':80
- 'localhost':49173
- '19#.#45.177.248':80
- 'localhost':49182
- 'localhost':49185
- 'localhost':49188
- '17#.#50.155.32':80
- 'localhost':49176
- '10#.#7.28.162':80
- '19#.169.9.4':80
- '95.##3.85.63':80
- 'localhost':49179
- 91.#18.91.2/welcome.htm
- 17#.#4.114.73/setup.htm
- 17#.#6.80.32/start.htm
- 46.##0.109.19/default.htm