Техническая информация
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\test[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\test[1]
- из <Полный путь к вирусу> в %ALLUSERSPROFILE%\Application Data\ifdstore\<Имя вируса>.exe
- 'co####failure.biz':80
- 'co####nizespart.biz':80
- 'in####acemakes.biz':80
- 'ps##uvi.biz':80
- co####failure.biz/api/test
- co####nizespart.biz/api/test
- in####acemakes.biz/api/test
- ps##uvi.biz/api/test
- DNS ASK co####failure.biz
- DNS ASK co####nizespart.biz
- DNS ASK in####acemakes.biz
- DNS ASK ps##uvi.biz
- ClassName: '0' WindowName: '0'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'