Техническая информация
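Запись автозапуска в реестре (ключ policies\Explorer\Run — перечисленные в нём программы запускаются при входе пользователя в систему; Wow6432Node — 32-разрядное представление реестра в 64-разрядной Windows):
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'sys' = '<SYSTEM32>\pics\cards\isaas.exe'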
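Сетевые подключения (хост:порт). Символы '#' в именах — маскировка, присутствующая в самом источнике, поэтому точное сопоставление по этим именам невозможно. google.com — легитимный домен и сам по себе индикатором компрометации не является:
- 'google.com':80
- 'au######ando.blogspot.com':80
- 'at#####zer.100free.com':80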
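Запрашиваемые URL (HTTP). Имя архива isaas.zip совпадает с именем файла isaas.exe из записи автозапуска; по-видимому, архивы содержат загружаемые компоненты (в источнике это прямо не указано):
- http://au######ando.blogspot.com/
- http://at#####zer.100free.com/key2/isaas.zip
- http://at#####zer.100free.com/key2/kanki2.zip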
- DNS ASK google.com
- DNS ASK au######ando.blogspot.com
- DNS ASK at#####zer.100free.com
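Окна (класс и заголовок), указанные в отчёте; вероятно, образец ищет их в системе (в источнике действие не названо). 'IEFrame', 'Frame Tab' и 'TabWindowClass' — классы окон Internet Explorer:
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Frame Tab' WindowName: ''
- ClassName: 'TabWindowClass' WindowName: ''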