Техническая информация
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- <Текущая директория>\ᬀ粀
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kotltrlxot[1]
- из <Полный путь к вирусу> в %TEMP%\PGezATNu.exe
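- 'ko###rlxot.at':80 (символ # не может входить в имя узла; здесь и в строках ниже он заменяет часть значения, которая в отчёте скрыта, — полное имя узла и полный запрос не приведены)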
- 'localhost':1036
- ko###rlxot.at/?13#######
- DNS ASK ko###rlxot.at
- ClassName: '(null)' WindowName: 'txdMyrZ'
- ClassName: '(null)' WindowName: ' wn otmaXJ'
- ClassName: '(null)' WindowName: 'mtvB hvDQ'
- ClassName: '(null)' WindowName: 'lvSm'
- ClassName: '(null)' WindowName: 'tiyapuqcP nD'
- ClassName: '(null)' WindowName: 'xrOqb PpSoT'
- ClassName: '(null)' WindowName: 'wjh kZq'
- ClassName: '(null)' WindowName: 'lF NM nppfYY'
- ClassName: '(null)' WindowName: 'AQBuu x '
- ClassName: '(null)' WindowName: 'NamYhziYfB qruyMoa'
- ClassName: '(null)' WindowName: 'z i f'
- ClassName: '(null)' WindowName: 'a ejQOQnxvz'
- ClassName: '(null)' WindowName: ' C cjofuFzr z'
- ClassName: '(null)' WindowName: 'T otmnf bDl'
- ClassName: '(null)' WindowName: 'pmdAbVSYy'
- ClassName: '(null)' WindowName: ' LajJY'
- ClassName: '(null)' WindowName: 'm dWEplvoeo g'
- ClassName: '(null)' WindowName: 'gHHN cf'
- ClassName: '(null)' WindowName: 'kfi hfN'
- ClassName: '(null)' WindowName: 'X ppnKVWfj o'
- ClassName: '(null)' WindowName: 'U Olbmzb'
- ClassName: '(null)' WindowName: ' csYrfQw'
- ClassName: '(null)' WindowName: 'qqj J'
- ClassName: '(null)' WindowName: 'at jUI'
- ClassName: '(null)' WindowName: 'geLBu '