Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\System Backup.lnk
- 'C:\System Backup\systbckp.exe' /i:51275C76#A3CDAE34 /p:"<Полный путь к вирусу>" /s:A02E4C1CE78BE45466657C8AED1FADFB81D4465F78C1A9
- C:\System Backup\systbckp.ini
- C:\System Backup\systbckp.exe
- '15#.#48.27.157':443
- '15#.#48.59.157':443
- '15#.#48.91.157':443
- 'localhost':1039
- 'ga####a2.atspace.eu':80
- '15#.#48.251.156':443
- ga####a2.atspace.eu/
- DNS ASK es####.pluton85.eu
- DNS ASK ug###desphed.eu
- DNS ASK es###d.undo.it
- DNS ASK ga####a2.atspace.eu
- DNS ASK es####.strangled.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''