Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media' = '<SYSTEM32>\WmInit.exe'
- '<SYSTEM32>\WmInit.exe' "<Полный путь к вирусу>"
- <SYSTEM32>\WmInit.exe
- <SYSTEM32>\WmInit.dat
- '20#.#2.236.130':35105
- 'in###77350.net':35103
- '20#.#2.236.130':35108
- '20#.#2.236.130':35107
- '20#.#2.236.130':35106
- 'to###19200.info':35100
- '20#.#2.236.130':35100
- '20#.#2.236.130':35101
- '20#.#2.236.130':35109
- '20#.#2.236.130':35102
- '20#.#2.236.130':35103
- 'mt###7711.org':35102
- 'dr###57289.com':35101
- 'bl###75331.org':35104
- 'un###nk599.info':35105
- DNS ASK dr###57289.com
- DNS ASK in###77350.net
- DNS ASK to###19200.info
- DNS ASK mt###7711.org
- DNS ASK un###nk599.info
- DNS ASK bl###75331.org
- ClassName: 'SysListView32' WindowName: ''