Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\User Backup.lnk
- 'C:\User Backup\userbckp.exe' /i:4C26A44C#7BC7ECE4 /p:"<Полный путь к вирусу>" /s:C7C76A5D53574018D3A815D5EDC7C04ADA85255024D8
- C:\User Backup\userbckp.ini
- C:\User Backup\userbckp.exe
- '15#.#48.251.156':443
- '15#.#48.27.157':4433
- 'localhost':1037
- 'ga####a2.atspace.eu':80
- ga####a2.atspace.eu/
- DNS ASK pf###.undo.it
- DNS ASK pf###.pluton85.eu
- DNS ASK ga####a2.atspace.eu
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''