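Техническая информация
Примечание: символ «#» в IP-адресах, доменных именах и URL ниже заменяет скрытые символы, поэтому такие записи не годятся для точного сопоставления и могут служить только шаблоном; номера портов приведены без маскировки.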
- <SYSTEM32>\services.exe
- %WINDIR%\Explorer.EXE
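- C:\RECYCLER\S-1-5-18\$2ebe1c2e2a38cb36436c4d1cb8c2630c\n (по-видимому, «n» здесь — имя файла в этом каталоге, как и «@» в записях ниже, а не управляющая последовательность перевода строки; то же относится к пути с окончанием «\n» в каталоге S-1-5-21-…-1003)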
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$I58AFF310
- C:\RECYCLER\S-1-5-18\$2ebe1c2e2a38cb36436c4d1cb8c2630c\@
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$2ebe1c2e2a38cb36436c4d1cb8c2630c\@
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$2ebe1c2e2a38cb36436c4d1cb8c2630c\n
- из <Полный путь к вирусу> в C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\$R58AFF310
- '20#.#8.32.176':80
- 'j.###mind.com':80
- 20#.#8.32.176/count.php?pa################################
- j.###mind.com/app/geoip.js
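- DNS ASK pz#���� (в этой и остальных записях «DNS ASK pz#…» запрошенное имя содержит байты, которые не отображаются как текст; восстановить его по этой странице нельзя)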
- DNS ASK pz#4m�`
- DNS ASK pz#-�R
- DNS ASK pz#�3�
- DNS ASK pz#�4[
- DNS ASK pz#���
- DNS ASK j.###mind.com
- DNS ASK pz#bA�
- DNS ASK pz#��˻
- DNS ASK pz#24�
- '98.##.26.251':16464
- '75.##9.216.250':16464
- '87.##.33.251':16464
- '84.##6.150.252':16464
- '71.##.80.252':16464
- '58.#7.248.2':16464
- '17#.#02.27.248':16464
- '18#.#56.224.2':16464
- '88.##8.200.2':16464
- '18#.#68.244.248':16464
- '46.##5.8.253':16464
- '16#.#54.253.254':16464
- '13#.#54.253.254':16464
- '18#.#54.253.254':16464
- '20#.#54.253.254':16464
- '19#.#54.253.254':16464
- '18#.#8.3.254':16464
- '20#.#01.107.253':16464
- '85.#30.81.2':16464
- '11#.#54.253.254':16464
- '92.##4.253.254':16464