Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SonyAgent' = '<Полный путь к вирусу>'
- '<SYSTEM32>\taskhost.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- <Полный путь к вирусу>
- 'localhost':49200
- '91.##7.109.9':80
- '94.##4.34.74':80
- '10#.#51.107.185':80
- 'localhost':49203
- '93.#9.11.9':80
- 'localhost':49191
- 'localhost':49194
- 'localhost':49197
- '10#.#6.180.69':80
- 'localhost':49206
- '15#.0.37.40':80
- 'localhost':49215
- '10#.#6.255.40':80
- '37.##.242.48':80
- '10#.#51.74.37':80
- 'localhost':49209
- '37.##9.214.6':80
- '20#.#6.0.136':80
- '17#.#37.20.4':80
- 'localhost':49212
- '61.##7.162.200':80
- 'localhost':49167
- '77.##2.48.88':80
- '77.##2.242.22':80
- '17#.8.19.90':80
- 'localhost':49170
- '37.#7.48.3':80
- 'localhost':49158
- 'localhost':49161
- 'localhost':49164
- '21#.#64.24.22':80
- 'localhost':49173
- '17#.#37.37.19':80
- 'localhost':49182
- 'localhost':49185
- 'localhost':49188
- '46.##9.98.83':80
- 'localhost':49176
- '77.##1.226.214':80
- '46.##2.210.17':80
- '46.##8.18.78':80
- 'localhost':49179
- 10#.#51.74.37/start.htm
- 37.##.242.48/online.htm
- 21#.#64.24.22/default.htm
- 10#.#6.255.40/default.htm