Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Network' = 'rundll32.exe shell32.dll,Control_RunDLL network.cpl' (параметр автозапуска: при каждом входе пользователя в систему rundll32.exe загружает network.cpl)
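- '<SYSTEM32>\regsvr32.exe' /u -s "c:\arquivos de programas\scpad\scpsssh2.dll" (/u — отмена регистрации библиотеки, -s — без вывода сообщений; так же обрабатываются остальные DLL из каталога scpad, перечисленные ниже)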
- '<SYSTEM32>\regsvr32.exe' /u -s "c:\arquivos de programas\scpad\sshib.dll"
- '<SYSTEM32>\regsvr32.exe' /u -s "c:\arquivos de programas\scpad\scpMIB.dll"
- '<SYSTEM32>\rundll32.exe' shell32.dll,Control_RunDLL "<SYSTEM32>\Network.cpl",
- '<SYSTEM32>\regsvr32.exe' /u -s "c:\arquivos de programas\scpad\scpLIB.dll"
- <SYSTEM32>\Network.cpl
- <SYSTEM32>\avioes.mp3
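- 'fi########1.dominiotemporario.com':80 (символы # здесь и в двух следующих строках, по-видимому, скрывают часть имени узла в самом отчёте, поэтому строку нельзя использовать как точный индикатор; для поиска в журналах пригодны видимая часть имени и путь /celerg.php)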
- fi########1.dominiotemporario.com/celerg.php
- DNS ASK fi########1.dominiotemporario.com
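- ClassName: 'Shell DocObject View' WindowName: '' (здесь и ниже — классы и заголовки окон; судя по именам, все они принадлежат штатным компонентам Windows — оболочке, Internet Explorer, Windows Media Player, NetDDE, — поэтому сами по себе это слабый индикатор)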
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Frame Tab' WindowName: ''
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: 'WMPlayerApp' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'ReBarWindow32' WindowName: ''