Trojan.DownLoader46.43221

Техническая информация

Изменения в файловой системе

Создает следующие файлы

%TEMP%\108391978015966.jpg
%TEMP%\32966407326938.jpg
%TEMP%\80652781613883.jpg

Удаляет следующие файлы

%TEMP%\108391978015966.jpg

Сетевая активность

Подключается к

'mt##.##0.yahoodns.net':25
'ma##.#itechco.net':25
'de#######nbound-2.mimecast.com':25
'mx#.###lchannels.net':25
'tr#####.hugedomains.com':25
'fi##.#urontel.on.ca':25
'mx###.##stedmxserver.com':25
'mx#.##ailsrvr.com':25
'bg#####1.biglobe.ne.jp':25
'ma##.####eldespachante.com.br':25
're#######.#ail.protection.outlook.com':25
'ma##.#erfweb.com':25
'mx#.####99-7.eu.iphmx.com':25
'ma##.#-email.net':25
'da###rchid.ca':25
'ly###########l-com.mail.protection.outlook.com':25
'we#####.atento.com.gt':25
'al##########.mail.protection.outlook.com':25
'pa####x.above.com':25
'ce########o-com.mail.eo.outlook.com':25
'mx#####up.serveriai.lt':25
'pe##########m.mail.protection.outlook.com':25
'mi#####.##il.protection.outlook.com':25
'ak##########v.mail.protection.outlook.com':25
'mx#.##stinger.com':25
'localhost':25
'te#########.mail.protection.outlook.com':25
'sm###n.rzone.de':25
'mx#####.ppe-hosted.com':25
'mx#######701.gslb.pphosted.com':25
'ic###azip.com':80
'18#.#15.113.66':80
'si######.##il.protection.outlook.com':25
'ic####elmgmt.com':25
'ht###########c-at0i.mail.protection.outlook.com':25
'co####.senati.edu.pe':25
'alt2.aspmx.l.google.com':25
'yp#########ion.in.tmes.trendmicro.com':25
'alt3.aspmx.l.google.com':25
'mx.####.locaweb.com.br':25
'ma###.camera.it':25
'alt1.aspmx.l.google.com':25
'bi########.mail.protection.outlook.com':25
'mx####.#ail.saunalahti.fi':25
'za########bound-2.mimecast.co.za':25
'st############tech-edu.mail.protection.outlook.com':25
'ASPMX.L.GOOGLE.COM':25
'em###.thatsite.com':25
'ma##.#2bpress.com':25
'mx#.#leanmx.pt':25
'ma##.#egister.it':25
'mx.###mexperts.com':25
'mx#######f01.gslb.pphosted.com':25
'ne######.##il.protection.outlook.com':25
'tc#######.#ail.protection.outlook.com':25
'as####.googlemail.com':25
'bo########.mail.protection.outlook.com':25

TCP

Запросы HTTP GET

http://ic###azip.com/
http://18#.#15.113.66/corp/n.txt
http://18#.#15.113.66/corp/a
http://18#.#15.113.66/corp/167.txt

Другие

'si######.##il.protection.outlook.com':25
'tc#######.#ail.protection.outlook.com':25
'mx#####.ppe-hosted.com':25
'de#######nbound-2.mimecast.com':25
'mx###.##stedmxserver.com':25
'mx#.###lchannels.net':25
'fi##.#urontel.on.ca':25
're#######.#ail.protection.outlook.com':25
'bi########.mail.protection.outlook.com':25
'bg#####1.biglobe.ne.jp':25
'ma##.#-email.net':25
'da###rchid.ca':25
'mx#####up.serveriai.lt':25
'pa####x.above.com':25
'pe##########m.mail.protection.outlook.com':25
'mx#######701.gslb.pphosted.com':25
'mx#######f01.gslb.pphosted.com':25
'mx.###mexperts.com':25
'mx#.#leanmx.pt':25
'em###.thatsite.com':25
'ASPMX.L.GOOGLE.COM':25
'za########bound-2.mimecast.co.za':25
'mx####.#ail.saunalahti.fi':25
'st############tech-edu.mail.protection.outlook.com':25
'ma##.#2bpress.com':25
'alt3.aspmx.l.google.com':25
'ma###.camera.it':25
'co####.senati.edu.pe':25
'alt1.aspmx.l.google.com':25
'yp#########ion.in.tmes.trendmicro.com':25
'alt2.aspmx.l.google.com':25
'ht###########c-at0i.mail.protection.outlook.com':25
'mx#.##stinger.com':25
'ak##########v.mail.protection.outlook.com':25

UDP

DNS ASK ya##o.com
DNS ASK kx#.##globe.ne.jp
DNS ASK bg#####1.biglobe.ne.jp
DNS ASK sc##ed.ca
DNS ASK ma##.#erfweb.com
DNS ASK 85##.com
DNS ASK re##s.com
DNS ASK kr##.com
DNS ASK 23##.com
DNS ASK re#######.#ail.protection.outlook.com
DNS ASK ma##.####eldespachante.com.br
DNS ASK iu##i.ch
DNS ASK mx.###xtronics.com
DNS ASK mx#.####99-7.eu.iphmx.com
DNS ASK kt##.com
DNS ASK ma##.#-email.net
DNS ASK ye###wcardbr.co
DNS ASK da###rchid.ca
DNS ASK uc##.edu.ve
DNS ASK 68##.com
DNS ASK 96##.com
DNS ASK ik##i.com
DNS ASK ci###.dhz.hr
DNS ASK se##web.com
DNS ASK mx#.##ailsrvr.com
DNS ASK my##ace.com
DNS ASK de#######nbound-2.mimecast.com
DNS ASK mx#.###lchannels.net
DNS ASK y3#.com
DNS ASK tr#####.hugedomains.com
DNS ASK hu###tel.on.ca
DNS ASK 53##.com
DNS ASK sw##yc.com
DNS ASK gr###plexi.com
DNS ASK fi##.#urontel.on.ca
DNS ASK ma##.#orldstage.com
DNS ASK ic.edu
DNS ASK ho####alpc.com.mx
DNS ASK mx###.##stedmxserver.com
DNS ASK js##s.edu
DNS ASK ap####licflow.com
DNS ASK ce###ry21.ca
DNS ASK 84##.com
DNS ASK el###vador.com
DNS ASK 09##.com
DNS ASK gl######spachante.com.br
DNS ASK ma##.#itechco.net
DNS ASK te####rformance.com
DNS ASK vi##o.net
DNS ASK 33##.com
DNS ASK ca###r.com.br
DNS ASK ci.##ron.oh.us
DNS ASK ag####aunitas.cl
DNS ASK en####ainment.net
DNS ASK 95##.com
DNS ASK ak##########v.mail.protection.outlook.com
DNS ASK 20##.com
DNS ASK mx#.##stinger.com
DNS ASK mi#.edu
DNS ASK mi#####.##il.protection.outlook.com
DNS ASK al#.uct.cl
DNS ASK 88##.com
DNS ASK ga##il.co
DNS ASK ce##o.net
DNS ASK sc####echnology.net
DNS ASK bo#.ca.gov
DNS ASK sm###n.rzone.de
DNS ASK ku##i.tv
DNS ASK 58##.com
DNS ASK fa##it.com
DNS ASK 92##.com
DNS ASK pe##########m.mail.protection.outlook.com
DNS ASK pe###bras.com
DNS ASK 77##.com
DNS ASK at###o.com.gt
DNS ASK ly###########l-com.mail.protection.outlook.com
DNS ASK ns##b.com
DNS ASK qe###wali.com
DNS ASK we#####.atento.com.gt
DNS ASK 47##.com
DNS ASK br#####stsolutions.it
DNS ASK 78##.com
DNS ASK al##.wpi.edu
DNS ASK ne###hilips.com
DNS ASK 75##.com
DNS ASK ur##.com
DNS ASK al##########.mail.protection.outlook.com
DNS ASK ce###esauto.com
DNS ASK 34##.com
DNS ASK pa####x.above.com
DNS ASK ce########o-com.mail.eo.outlook.com
DNS ASK e-###zdas.net
DNS ASK mx#####up.serveriai.lt
DNS ASK 43##.com
DNS ASK ba##ll.com
DNS ASK aq#####s.livedoor.com
DNS ASK bo###beat.dk
DNS ASK ci###hco.net
DNS ASK ex#####l.electrabel.com
DNS ASK bi##aj.com
DNS ASK 77.com
DNS ASK bi########.mail.protection.outlook.com
DNS ASK 56##.com
DNS ASK 40##.com
DNS ASK ko###ortti.fi
DNS ASK 13##.com
DNS ASK li###ail.com.mx
DNS ASK me##ne.com
DNS ASK alt1.aspmx.l.google.com
DNS ASK 71##.com
DNS ASK st#####.laniertech.edu
DNS ASK 29##.com
DNS ASK st############tech-edu.mail.protection.outlook.com
DNS ASK ce##on.org
DNS ASK la####ailmail.com
DNS ASK ce###py.com.br
DNS ASK pa###ball.com
DNS ASK mx####.#ail.saunalahti.fi
DNS ASK ca##ra.it
DNS ASK za########bound-2.mimecast.co.za
DNS ASK 15##.com
DNS ASK ep###d401.org
DNS ASK mt##.##0.yahoodns.net
DNS ASK si##x.fi
DNS ASK ic####elmgmt.com
DNS ASK si######.##il.protection.outlook.com
DNS ASK ht####indorf.ac.at
DNS ASK sh####ibrary.com
DNS ASK ht###########c-at0i.mail.protection.outlook.com
DNS ASK se###i.edu.pe
DNS ASK 98##.com
DNS ASK co####.senati.edu.pe
DNS ASK ic###azip.com
DNS ASK ed######omesimoveis.com.br
DNS ASK la####a.k12.co.us
DNS ASK alt2.aspmx.l.google.com
DNS ASK yp#####inacion.com.bo
DNS ASK sc###.org.co
DNS ASK yp#########ion.in.tmes.trendmicro.com
DNS ASK alt3.aspmx.l.google.com
DNS ASK in####etcero.com
DNS ASK mx.####.locaweb.com.br
DNS ASK ASPMX.L.GOOGLE.COM
DNS ASK 44##.com
DNS ASK 26##.com
DNS ASK ma###.camera.it
DNS ASK em###.thatsite.com
DNS ASK tc#######.#ail.protection.outlook.com
DNS ASK 60##.com
DNS ASK 05##.com
DNS ASK as####.googlemail.com
DNS ASK mx#####.ppe-hosted.com
DNS ASK va###yhibbs.com
DNS ASK 02##.com
DNS ASK am###g.com.co
DNS ASK 74##.com
DNS ASK it###fonica.com
DNS ASK 57##.com
DNS ASK fr####er.net.net
DNS ASK te##osa.com
DNS ASK 30##.com
DNS ASK te#########.mail.protection.outlook.com
DNS ASK cd#.ph
DNS ASK 61##.com
DNS ASK ti##ali.ii
DNS ASK vi##lio.it
DNS ASK 91##.com
DNS ASK 87##.com
DNS ASK s2###ess.com
DNS ASK ma####ezlopez.name
DNS ASK 64##.com
DNS ASK bo########.mail.protection.outlook.com
DNS ASK ne######.##il.protection.outlook.com
DNS ASK ma##.#2bpress.com
DNS ASK ne##ax.pt
DNS ASK 67##.com
DNS ASK 82##.com
DNS ASK pa####igiovanni.it
DNS ASK mx#.#leanmx.pt
DNS ASK 54##.com
DNS ASK tr###c.com.mx
DNS ASK 81##.com
DNS ASK 19##.com
DNS ASK ma##.#egister.it
DNS ASK 28##.com
DNS ASK le##.com.br
DNS ASK mx.###mexperts.com
DNS ASK 46##.com
DNS ASK en####etnet.com.br
DNS ASK mx#######f01.gslb.pphosted.com
DNS ASK ne##s.fi
DNS ASK mx#######701.gslb.pphosted.com
DNS ASK tc##b.org
DNS ASK no###l.com.br
DNS ASK vp##a.org
DNS ASK wa###ating.tk

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней