Trojan.Starman.5278

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1120 -dm 7 7 %TEMP%\WERd07f.dir00\svchost.exe.mdmp 16325836412032300

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%TEMP%\WERd07f.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe

Сетевая активность:

Подключается к:

'21#.#3.177.149':445
'21#.#3.155.177':445
'21#.#3.71.64':445
'21#.#3.247.85':445
'21#.#3.150.60':445
'21#.#3.105.241':445
'21#.#3.38.156':445
'21#.#3.72.245':445
'21#.#3.241.177':445
'21#.#3.26.138':445
'21#.#3.61.56':445
'21#.#3.85.175':445
'21#.#3.73.232':139
'21#.#3.195.73':139
'21#.#3.48.253':445
'21#.#3.163.248':139
'21#.#3.237.120':139
'21#.#3.232.87':139
'21#.#3.40.225':445
'21#.#3.35.16':445
'21#.#3.85.107':445
'21#.#3.221.66':445
'21#.#3.92.27':445
'21#.#3.116.213':445
'21#.#3.193.7':445
'21#.#3.136.174':445
'21#.#3.125.137':445
'21#.#3.61.123':445
'21#.#3.173.96':445
'21#.#3.10.160':445
'21#.#3.231.182':445
'21#.#3.237.120':445
'21#.#3.232.87':445
'21#.#3.73.232':445
'21#.#3.113.45':445
'21#.#3.156.144':445
'21#.#3.163.248':445
'21#.#3.51.66':445
'21#.#3.149.129':445
'21#.#3.132.13':445
'21#.#3.15.222':445
'21#.#3.138.238':445
'21#.#3.237.212':445
'21#.#3.148.78':445
'21#.#3.93.49':445
'21#.#3.184.46':445
'21#.#3.233.205':445
'21#.#3.60.108':445
'21#.#3.74.81':445
'21#.#3.156.144':139
'21#.#3.35.16':139
'21#.#3.85.107':139
'21#.#3.247.85':139
'21#.#3.92.27':139
'21#.#3.116.213':139
'21#.#3.40.225':139
'21#.#3.155.177':139
'21#.#3.71.64':139
'21#.#3.26.138':139
'21#.#3.150.60':139
'21#.#3.105.241':139
'21#.#3.177.149':139
'21#.#3.140.105':139
'21#.#3.72.50':445
'21#.#3.130.197':445
'21#.#3.35.244':139
'21#.#3.188.173':139
'21#.#3.78.65':139
'21#.#3.140.105':445
'21#.#3.48.253':139
'21#.#3.221.66':139
'21#.#3.35.244':445
'21#.#3.188.173':445
'21#.#3.78.65':445
'21#.#3.61.56':139
'21#.#3.93.49':139
'21#.#3.184.46':139
'21#.#3.173.96':139
'21#.#3.60.108':139
'21#.#3.74.81':139
'21#.#3.148.78':139
'21#.#3.125.137':139
'21#.#3.61.123':139
'21#.#3.113.45':139
'21#.#3.10.160':139
'21#.#3.231.182':139
'21#.#3.136.174':139
'21#.#3.241.177':139
'21#.#3.193.7':139
'21#.#3.15.222':139
'21#.#3.85.175':139
'21#.#3.38.156':139
'21#.#3.72.245':139
'21#.#3.149.129':139
'21#.#3.132.13':139
'21#.#3.233.205':139
'21#.#3.138.238':139
'21#.#3.237.212':139
'21#.#3.51.66':139
'21#.#3.195.73':445
'21#.#3.45.245':445
'21#.#3.22.197':445
'21#.#3.18.188':445
'21#.#3.158.114':445
'21#.#3.50.108':445
'21#.#3.196.164':445
'21#.#3.114.175':445
'21#.#3.240.245':445
'21#.#3.195.101':445
'21#.#3.10.212':445
'21#.#3.219.198':445
'21#.#3.68.27':445
'21#.#3.6.167':139
'21#.#3.99.91':139
'21#.#3.192.191':139
'21#.#3.49.202':139
'21#.#3.119.49':139
'21#.#3.94.119':139
'21#.#3.220.27':445
'21#.#3.114.220':445
'21#.#3.162.210':445
'21#.#3.168.212':139
'21#.#3.200.237':445
'21#.#3.0.202':445
'21#.#3.12.152':445
'21#.#3.159.210':445
'21#.#3.4.161':445
'21#.#3.66.134':445
'21#.#3.134.53':445
'21#.#3.253.223':445
'21#.#3.95.73':445
'21#.#3.119.49':445
'21#.#3.94.119':445
'21#.#3.6.167':445
'21#.#3.16.28':445
'21#.#3.202.251':445
'21#.#3.49.202':445
'21#.#3.162.112':445
'21#.#3.145.63':445
'21#.#3.120.103':445
'21#.#3.85.249':445
'21#.#3.182.166':445
'21#.#3.113.5':445
'21#.#3.35.174':445
'21#.#3.153.198':445
'21#.#3.14.33':445
'21#.#3.43.110':445
'21#.#3.170.55':445
'21#.#3.173.145':445
'21#.#3.202.251':139
'21#.#3.114.220':139
'21#.#3.158.114':139
'21#.#3.162.210':139
'21#.#3.200.237':139
'21#.#3.0.202':139
'21#.#3.220.27':139
'21#.#3.45.245':139
'21#.#3.10.212':139
'21#.#3.18.188':139
'21#.#3.50.108':139
'21#.#3.196.164':139
'21#.#3.22.197':139
'21#.#3.131.223':139
'21#.#3.120.135':139
'21#.#3.108.189':139
'21#.#3.39.129':139
'21#.#3.59.137':139
'21#.#3.128.174':139
'21#.#3.131.223':445
'21#.#3.120.135':445
'21#.#3.108.189':445
'21#.#3.39.129':445
'21#.#3.59.137':445
'21#.#3.128.174':445
'21#.#3.219.198':139
'21#.#3.153.198':139
'21#.#3.14.33':139
'21#.#3.134.53':139
'21#.#3.170.55':139
'21#.#3.173.145':139
'21#.#3.35.174':139
'21#.#3.4.161':139
'21#.#3.66.134':139
'21#.#3.16.28':139
'21#.#3.253.223':139
'21#.#3.95.73':139
'21#.#3.159.210':139
'21#.#3.195.101':139
'21#.#3.12.152':139
'21#.#3.85.249':139
'21#.#3.68.27':139
'21#.#3.240.245':139
'21#.#3.114.175':139
'21#.#3.145.63':139
'21#.#3.120.103':139
'21#.#3.43.110':139
'21#.#3.182.166':139
'21#.#3.113.5':139
'21#.#3.162.112':139
'21#.#3.192.251':445
'21#.#3.40.192':445
'21#.#3.13.68':445
'21#.#3.173.213':445
'21#.#3.108.235':445
'21#.#3.63.128':445
'21#.#3.217.19':445
'21#.#3.153.2':445
'21#.#3.198.251':445
'21#.#3.237.18':445
'21#.93.2.87':445
'21#.#3.246.91':445
'21#.#3.206.24':445
'21#.#3.241.40':445
'21#.#3.108.188':445
'21#.#3.15.31':139
'21#.#3.212.103':445
'21#.#3.59.59':445
'21#.#3.57.197':445
'21#.#3.95.30':445
'21#.93.83.3':445
'21#.#3.103.205':445
'21#.#3.71.103':445
'21#.#3.173.138':445
'21#.#3.235.137':445
'21#.#3.106.241':445
'21#.#3.46.79':445
'21#.#3.146.35':445
'21#.#3.51.21':445
'21#.#3.142.3':445
'21#.#3.184.128':445
'21#.93.2.34':445
'21#.93.1.3':445
'21#.#3.118.1':445
'21#.#3.98.187':445
'21#.#3.61.203':445
'21#.#3.75.58':445
'21#.#3.195.48':445
'21#.#3.116.113':445
'21#.#3.141.252':445
'21#.#3.195.29':445
'21#.#3.139.120':445
'21#.#3.90.249':445
'21#.#3.143.74':445
'21#.#3.90.169':445
'21#.#3.169.42':445
'21#.#3.198.182':445
'21#.#3.1.167':445
'21#.#3.198.112':445
'21#.#3.44.116':139
'21#.#3.40.192':139
'21#.#3.13.68':139
'21#.#3.237.18':139
'21#.#3.108.235':139
'21#.#3.63.128':139
'21#.#3.192.251':139
'21#.#3.153.2':139
'21#.#3.198.251':139
'21#.#3.235.137':139
'21#.93.2.87':139
'21#.#3.246.91':139
'21#.#3.217.19':139
'21#.#3.206.24':139
'21#.#3.241.40':139
'21#.#3.59.59':139
'21#.#3.108.188':139
'21#.#3.212.103':139
'21#.#3.71.103':139
'21#.#3.95.30':139
'21#.93.83.3':139
'21#.#3.173.213':139
'21#.#3.103.205':139
'21#.#3.173.138':139
'21#.#3.57.197':139
'21#.#3.195.29':139
'21#.#3.106.241':139
'21#.#3.146.35':139
'21#.#3.61.203':139
'21#.#3.142.3':139
'21#.#3.184.128':139
'21#.#3.46.79':139
'21#.93.1.3':139
'21#.#3.118.1':139
'21#.#3.19.195':139
'21#.#3.98.187':139
'21#.#3.75.58':139
'21#.93.2.34':139
'21#.#3.116.113':139
'21#.#3.141.252':139
'21#.#3.198.182':139
'21#.#3.139.120':139
'21#.#3.90.249':139
'21#.#3.195.48':139
'21#.#3.169.42':139
'21#.#3.90.169':139
'21#.#3.51.21':139
'21#.#3.1.167':139
'21#.#3.198.112':139
'21#.#3.143.74':139
'21#.#3.19.195':445
'21#.#3.1.189':445
'21#.#3.142.166':445
'21#.#3.164.80':445
'21#.#3.218.115':445
'21#.#3.24.195':445
'21#.#3.66.250':445
'21#.#3.16.138':445
'21#.#3.121.226':445
'21#.#3.95.254':445
'21#.#3.233.240':445
'21#.#3.117.250':445
'21#.#3.60.139':445
'21#.#3.83.158':445
'21#.#3.172.83':445
'21#.#3.110.172':445
'21#.#3.62.245':139
'21#.#3.21.150':139
'21#.#3.158.125':445
'21#.93.44.1':445
'21#.#3.74.32':445
'21#.#3.96.224':445
'21#.#3.143.161':445
'21#.#3.131.206':445
'21#.#3.0.149':445
'21#.#3.206.83':445
'21#.#3.110.19':445
'21#.#3.253.106':445
'21#.#3.46.175':445
'21#.#3.98.248':445
'21#.#3.184.52':445
'21#.#3.231.85':445
'21#.#3.21.150':445
'21#.#3.130.197':139
'21#.#3.72.50':139
'21#.#3.69.14':445
'21#.#3.48.139':445
'21#.#3.62.245':445
'21#.#3.37.214':445
'21#.#3.73.114':445
'21#.#3.118.164':445
'21#.93.8.42':445
'21#.#3.78.249':445
'21#.#3.44.163':445
'21#.#3.237.241':445
'21#.#3.72.32':445
'21#.#3.33.225':445
'21#.#3.194.68':445
'21#.#3.237.194':445
'21#.#3.215.59':445
'21#.#3.48.139':139
'21#.#3.74.32':139
'21#.#3.96.224':139
'21#.#3.218.115':139
'21#.#3.131.206':139
'21#.#3.0.149':139
'21#.93.44.1':139
'21#.#3.142.166':139
'21#.#3.164.80':139
'21#.#3.233.240':139
'21#.#3.24.195':139
'21#.#3.66.250':139
'21#.#3.1.189':139
'21#.#3.57.197':9988
'21#.#3.141.252':9988
'21#.#3.46.79':9988
'21#.#3.44.116':445
'21#.#3.15.31':445
'21#.#3.212.103':9988
'21#.#3.172.83':139
'21#.#3.110.172':139
'21#.#3.143.161':139
'21#.#3.98.187':9988
'21#.#3.158.125':139
'21#.#3.83.158':139
'21#.#3.117.250':139
'21#.#3.237.241':139
'21#.#3.33.225':139
'21#.#3.110.19':139
'21#.#3.237.194':139
'21#.#3.215.59':139
'21#.#3.72.32':139
'21#.#3.253.106':139
'21#.#3.46.175':139
'21#.#3.69.14':139
'21#.#3.231.85':139
'21#.#3.184.52':139
'21#.#3.98.248':139
'21#.#3.95.254':139
'21#.#3.206.83':139
'21#.93.8.42':139
'21#.#3.60.139':139
'21#.#3.16.138':139
'21#.#3.121.226':139
'21#.#3.73.114':139
'21#.#3.118.164':139
'21#.#3.194.68':139
'21#.#3.78.249':139
'21#.#3.44.163':139
'21#.#3.37.214':139

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней