Техническая информация
- <SYSTEM32>\userinit.exe
- C:\ver.txt
- %PROGRAM_FILES%\Messenger\pcinfo
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\newVictim[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\newVictim[1].php
- %PROGRAM_FILES%\Messenger\flag
- <SYSTEM32>\d.exe
- C:\filemon.reg
- %PROGRAM_FILES%\Messenger\checkwords.lst
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkwords[1].lst
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\newVictim[1].php
- C:\ver.txt
- C:\filemon.reg
- 'ds#.#reevar.com':80
- 'localhost':1038
- '20#.#6.232.182':80
- ds#.#reevar.com/newVictim.php?co#####################################
- ds#.#reevar.com/checkwords.lst
- DNS ASK ds#.#reevar.com
- DNS ASK up####.microsoft.com