Trojan.Starman.5640

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1144 -dm 7 7 %TEMP%\WER3193.dir00\svchost.exe.mdmp 16325836412032284

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\NetMeeting\rsewzjqn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%TEMP%\WER3193.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe

Сетевая активность:

Подключается к:

'21#.#43.208.102':139
'21#.#43.140.38':139
'21#.#43.79.110':139
'21#.#43.149.66':139
'21#.#43.6.233':139
'21#.#43.99.159':139
'21#.#43.29.217':139
'21#.#43.251.29':139
'21#.#43.239.16':139
'21#.#43.188.233':139
'21#.#43.67.8':139
'21#.#43.121.127':139
'21#.#43.102.167':139
'21#.#43.67.240':139
'21#.#43.98.153':139
'21#.#43.39.16':139
'21#.#43.79.127':139
'21#.#43.84.98':139
'21#.#43.41.90':139
'21#.#43.254.230':139
'21#.#43.20.122':139
'21#.#43.76.23':139
'21#.#43.77.203':139
'21#.#43.34.33':139
'21#.#43.87.249':139
'21#.#43.95.42':139
'21#.#43.77.203':445
'21#.#43.34.33':445
'21#.#43.87.249':445
'21#.#43.67.240':445
'21#.#43.98.153':445
'21#.#43.39.16':445
'21#.#43.102.167':445
'21#.#43.149.66':445
'21#.#43.6.233':445
'21#.#43.254.230':445
'21#.#43.20.122':445
'21#.#43.76.23':445
'21#.#43.41.90':445
'21#.#43.65.182':445
'21#.#43.221.126':445
'21#.#43.11.221':445
'21#.#43.128.53':139
'21#.#43.43.175':445
'21#.#43.168.3':445
'21#.#43.212.109':445
'21#.#43.79.127':445
'21#.#43.84.98':445
'21#.#43.218.65':445
'21#.#43.230.19':445
'21#.#43.83.11':445
'21#.#43.212.109':139
'21#.#43.209.227':139
'21#.#43.10.202':139
'21#.#43.115.10':139
'21#.#43.134.63':139
'21#.#43.120.85':139
'21#.#43.80.2':139
'21#.#43.13.229':139
'21#.#43.102.11':139
'21#.#43.252.195':139
'21#.#43.163.115':139
'21#.#43.188.163':139
'21#.#43.223.24':139
'21#.#43.101.131':445
'21#.#43.114.75':445
'21#.#43.173.82':445
'21#.#43.78.173':445
'21#.#43.44.188':445
'21#.#43.116.0':445
'21#.#43.91.211':445
'21#.#43.161.166':445
'21#.#43.67.191':445
'21#.#43.88.11':445
'21#.#43.135.7':445
'21#.#43.7.85':445
'21#.#43.54.68':445
'21#.#43.158.253':139
'21#.#43.106.212':445
'21#.#43.43.175':139
'21#.#43.168.3':139
'21#.#43.252.195':445
'21#.#43.158.253':445
'21#.#43.65.208':445
'21#.#43.218.65':139
'21#.#43.230.19':139
'21#.#43.83.11':139
'21#.#43.65.182':139
'21#.#43.221.126':139
'21#.#43.11.221':139
'21#.#43.102.11':445
'21#.#43.120.85':445
'21#.#43.80.2':445
'21#.#43.209.227':445
'21#.#43.65.208':139
'21#.#43.106.212':139
'21#.#43.134.63':445
'21#.#43.188.163':445
'21#.#43.223.24':445
'21#.#43.13.229':445
'21#.#43.10.202':445
'21#.#43.115.10':445
'21#.#43.163.115':445
'21#.#43.137.136':139
'21#.#43.190.138':139
'21#.#43.16.220':139
'21#.#43.194.142':139
'21#.#43.250.73':139
'21#.#43.74.239':139
'21#.#43.69.145':139
'21#.#43.11.245':139
'21#.#43.208.253':139
'21#.#43.69.235':139
'21#.#43.139.23':139
'21#.#43.130.64':139
'21#.#43.107.2':139
'21#.#43.78.216':139
'21#.#43.215.111':139
'21#.#43.119.174':139
'21#.#43.13.9':139
'21#.#43.108.244':139
'21#.#43.198.108':139
'21#.#43.12.183':139
'21#.#43.114.162':139
'21#.#43.178.227':139
'21#.#43.187.25':139
'21#.#43.170.40':139
'21#.#43.114.133':139
'21#.#43.4.13':139
'21#.#43.187.25':445
'21#.#43.170.40':445
'21#.#43.114.133':445
'21#.#43.78.216':445
'21#.#43.215.111':445
'21#.#43.119.174':445
'21#.#43.107.2':445
'21#.#43.194.142':445
'21#.#43.250.73':445
'21#.#43.12.183':445
'21#.#43.114.162':445
'21#.#43.178.227':445
'21#.#43.198.108':445
'21#.#43.253.12':445
'21#.#43.232.252':445
'21#.#43.146.210':445
'21#.#43.15.49':445
'21#.#43.136.177':445
'21#.#43.14.3':445
'21#.#43.130.34':445
'21#.#43.13.9':445
'21#.#43.108.244':445
'21#.#43.105.143':445
'21#.#43.238.105':445
'21#.#43.32.222':445
'21#.#43.130.34':139
'21#.#43.31.218':139
'21#.#43.177.31':139
'21#.#43.64.55':139
'21#.#43.56.88':139
'21#.#43.110.189':139
'21#.#43.210.161':139
'21#.#43.209.133':139
'21#.#43.33.51':139
'21#.#43.243.11':139
'21#.#43.254.239':139
'21#.#43.96.234':139
'21#.#43.209.48':139
'21#.#43.69.128':139
'21#.#43.79.110':445
'21#.#43.188.233':445
'21#.#43.67.8':445
'21#.#43.99.159':445
'21#.#43.208.102':445
'21#.#43.140.38':445
'21#.#43.239.16':445
'21#.#43.95.42':445
'21#.#43.128.53':445
'21#.#43.121.127':445
'21#.#43.29.217':445
'21#.#43.251.29':445
'21#.#43.152.242':139
'21#.#43.15.49':139
'21#.#43.136.177':139
'21#.#43.14.3':139
'21#.#43.243.11':445
'21#.#43.152.242':445
'21#.#43.68.227':445
'21#.#43.105.143':139
'21#.#43.238.105':139
'21#.#43.32.222':139
'21#.#43.253.12':139
'21#.#43.232.252':139
'21#.#43.146.210':139
'21#.#43.33.51':445
'21#.#43.110.189':445
'21#.#43.210.161':445
'21#.#43.31.218':445
'21#.#43.68.227':139
'21#.#43.69.128':445
'21#.#43.56.88':445
'21#.#43.96.234':445
'21#.#43.209.48':445
'21#.#43.209.133':445
'21#.#43.177.31':445
'21#.#43.64.55':445
'21#.#43.254.239':445
'21#.#43.126.8':445
'21#.#43.14.202':445
'21#.#43.65.234':445
'21#.#43.19.78':445
'21#.#43.171.20':445
'21#.#43.72.78':445
'21#.#43.51.138':445
'21#.#43.61.232':445
'21#.#43.73.76':445
'21#.#43.109.120':445
'21#.#43.105.28':445
'21#.#43.138.105':445
'21#.#43.197.233':445
'21#.#43.50.146':445
'21#.#43.6.137':445
'21#.#43.11.73':445
'21#.#43.60.126':445
'21#.#43.86.174':445
'21#.#43.206.53':445
'21#.#43.247.2':445
'21#.#43.132.37':445
'21#.#43.153.149':445
'21#.#43.155.212':445
'21#.#43.44.169':445
'21#.#43.2.196':445
'21#.#43.100.230':445
'21#.#43.58.28':445
'21#.#43.36.53':445
'21#.#43.65.243':445
'21#.#43.220.191':445
'21#.#43.201.97':445
'21#.#43.54.239':445
'21#.#43.22.2':445
'21#.#43.215.113':445
'21#.#43.200.161':9988
'21#.#43.101.6':445
'21#.#43.157.100':445
'21#.#43.29.234':445
'21#.#43.65.75':445
'21#.#43.151.39':445
'21#.#43.29.63':445
'21#.#43.56.29':445
'21#.#43.22.196':445
'21#.#43.148.45':445
'21#.#43.225.43':445
'21#.#43.207.65':445
'21#.#43.229.27':445
'21#.#43.177.48':445
'21#.#43.15.85':445
'21#.#43.133.37':445
'21#.#43.187.120':445
'21#.#43.200.161':445
'21#.#43.72.78':139
'21#.#43.126.8':139
'21#.#43.14.202':139
'21#.#43.197.233':139
'21#.#43.19.78':139
'21#.#43.171.20':139
'21#.#43.138.105':139
'21#.#43.51.138':139
'21#.#43.61.232':139
'21#.#43.65.234':139
'21#.#43.109.120':139
'21#.#43.105.28':139
'21#.#43.153.149':139
'21#.#43.206.53':139
'21#.#43.200.161':139
'21#.#43.6.137':139
'21#.#43.60.126':139
'21#.#43.50.146':139
'21#.#43.86.174':139
'21#.#43.2.196':139
'21#.#43.247.2':139
'21#.#43.132.37':139
'21#.#43.11.73':139
'21#.#43.155.212':139
'21#.#43.44.169':139
'21#.#43.73.76':139
'21#.#43.54.239':139
'21#.#43.58.28':139
'21#.#43.36.53':139
'21#.#43.65.75':139
'21#.#43.220.191':139
'21#.#43.201.97':139
'21#.#43.29.234':139
'21#.#43.22.2':139
'21#.#43.215.113':139
'21#.#43.65.243':139
'21#.#43.101.6':139
'21#.#43.157.100':139
'21#.#43.177.48':139
'21#.#43.225.43':139
'21#.#43.151.39':139
'21#.#43.29.63':139
'21#.#43.100.230':139
'21#.#43.22.196':139
'21#.#43.148.45':139
'21#.#43.187.120':139
'21#.#43.207.65':139
'21#.#43.229.27':139
'21#.#43.56.29':139
'21#.#43.15.85':139
'21#.#43.133.37':139
'21#.#43.116.0':139
'21#.#43.114.75':139
'21#.#43.91.211':139
'21#.#43.37.5':139
'21#.#43.189.36':139
'21#.#43.44.188':139
'21#.#43.7.85':139
'21#.#43.54.68':139
'21#.#43.161.166':139
'21#.#43.173.82':139
'21#.#43.78.173':139
'21#.#43.135.7':139
'21#.#43.1.107':139
'21#.#43.253.220':139
'21#.#43.10.47':139
'21#.#43.47.219':139
'21#.#43.73.26':139
'21#.#43.29.62':139
'21#.#43.128.180':139
'21#.#43.54.82':139
'21#.#43.211.75':139
'21#.#43.11.123':139
'21#.#43.215.125':139
'21#.#43.213.228':139
'21#.#43.82.36':139
'21#.#43.67.191':139
'21#.#43.215.125':445
'21#.#43.213.228':445
'21#.#43.82.36':445
'21#.#43.10.47':445
'21#.#43.253.220':445
'21#.#43.47.219':445
'21#.#43.1.107':445
'21#.#43.37.5':445
'21#.#43.189.36':445
'21#.#43.54.82':445
'21#.#43.211.75':445
'21#.#43.11.123':445
'21#.#43.128.180':445
'21#.#43.199.79':445
'21#.#43.13.182':445
'21#.#43.88.186':445
'21#.#43.88.11':139
'21#.#43.101.131':139
'21#.#43.79.130':445
'21#.#43.126.113':445
'21#.#43.73.26':445
'21#.#43.29.62':445
'21#.#43.28.164':445
'21#.#43.103.112':445
'21#.#43.71.205':445
'21#.#43.126.113':139
'21#.#43.75.166':139
'21#.#43.98.177':139
'21#.#43.152.239':139
'21#.#43.51.138':9988
'21#.#43.17.15':139
'21#.#43.80.253':139
'21#.#43.64.190':139
'21#.#43.40.42':139
'21#.#43.60.182':139
'21#.#43.221.119':139
'21#.#43.64.222':139
'21#.#43.15.194':139
'21#.#43.138.105':9988
'21#.#43.44.169':9988
'21#.#43.247.2':9988
'21#.#43.132.37':9988
'21#.#43.11.73':9988
'21#.#43.60.126':9988
'21#.#43.155.212':9988
'21#.#43.65.234':9988
'21#.#43.109.120':9988
'21#.#43.105.28':9988
'21#.#43.19.78':9988
'21#.#43.72.78':9988
'21#.#43.126.8':9988
'21#.#43.247.115':139
'21#.#43.23.174':445
'21#.#43.29.204':445
'21#.#43.79.130':139
'21#.#43.60.182':445
'21#.#43.247.115':445
'21#.#43.95.52':445
'21#.#43.28.164':139
'21#.#43.103.112':139
'21#.#43.71.205':139
'21#.#43.199.79':139
'21#.#43.13.182':139
'21#.#43.88.186':139
'21#.#43.40.42':445
'21#.#43.17.15':445
'21#.#43.80.253':445
'21#.#43.75.166':445
'21#.#43.95.52':139
'21#.#43.23.174':139
'21#.#43.29.204':139
'21#.#43.64.222':445
'21#.#43.15.194':445
'21#.#43.64.190':445
'21#.#43.98.177':445
'21#.#43.152.239':445
'21#.#43.221.119':445

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней