Trojan.Starman.5811

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1148 -dm 7 7 %TEMP%\WERa143.dir00\svchost.exe.mdmp 16325836412032256

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%TEMP%\WERa143.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe

Сетевая активность:

Подключается к:

'20#.#55.113.23':445
'20#.#55.164.190':445
'20#.#55.148.225':445
'20#.#55.5.151':445
'20#.#55.95.165':139
'20#.#55.145.23':139
'20#.#55.53.81':139
'20#.#55.137.95':139
'20#.#55.32.71':139
'20#.#55.70.41':445
'20#.#55.56.30':445
'20#.#55.86.15':445
'20#.#55.5.98':445
'20#.#55.198.194':445
'20#.#55.249.147':445
'20#.#55.170.152':445
'20#.#55.124.171':445
'20#.#55.84.80':445
'20#.#55.152.105':445
'20#.#55.202.89':139
'20#.#55.6.231':139
'20#.#55.19.58':139
'20#.#55.89.98':139
'20#.#55.15.165':139
'20#.#55.38.235':139
'20#.#55.56.233':139
'20#.#55.148.15':139
'20#.#55.251.127':139
'20#.#55.178.121':139
'20#.#55.120.165':139
'20#.#55.161.120':139
'20#.#55.253.152':139
'20#.#55.166.2':139
'20#.#55.228.252':139
'20#.#55.223.166':139
'20#.#55.14.129':139
'20#.#55.161.135':139
'20#.#55.167.161':139
'20#.#55.46.46':445
'20#.#55.190.179':445
'20#.#55.50.237':445
'20#.#55.170.131':445
'20#.#55.250.95':445
'20#.#55.25.79':445
'20#.#55.163.66':445
'20#.#55.126.139':445
'20#.#55.22.208':445
'20#.#55.116.210':445
'20#.#55.71.208':445
'20#.#55.70.251':445
'20#.#55.219.204':445
'20#.#55.113.23':139
'20#.#55.164.190':139
'20#.#55.247.79':445
'20#.#55.9.51':445
'20#.#55.179.52':445
'20#.#55.84.88':445
'20#.#55.195.70':445
'20#.#55.108.45':445
'20#.#55.235.13':445
'20#.#55.95.225':445
'20#.#55.100.251':445
'20#.#55.68.91':445
'20#.#55.33.60':445
'20#.#55.42.248':445
'20#.#55.208.83':445
'20#.#55.83.38':445
'20#.#55.77.37':445
'20#.#55.83.48':445
'20#.#55.246.143':445
'20#.#55.17.116':445
'20#.#55.204.185':445
'20#.#55.244.246':445
'20#.#55.16.235':445
'20#.#55.52.56':445
'20#.#55.80.45':445
'20#.#55.10.179':445
'20#.#55.29.192':139
'20#.#55.50.167':445
'20#.#55.187.144':445
'20#.#55.56.233':445
'20#.#55.29.192':445
'20#.#55.119.101':445
'20#.#55.154.132':445
'20#.#55.178.2':445
'20#.#55.78.167':445
'20#.#55.99.80':445
'20#.#55.38.235':445
'20#.#55.19.58':445
'20#.#55.89.98':445
'20#.#55.14.129':445
'20#.#55.178.121':445
'20#.#55.202.89':445
'20#.#55.148.15':445
'20#.#55.251.127':445
'20#.#55.6.231':445
'20#.#55.15.165':445
'20#.#55.104.141':445
'20#.#55.157.100':445
'20#.#55.58.11':445
'20#.#55.141.72':445
'20#.#55.201.125':445
'20#.#55.175.138':445
'20#.#55.244.6':445
'20#.#55.107.201':445
'20#.#55.39.201':445
'20#.#55.173.126':445
'20#.#55.85.247':445
'20#.#55.125.33':445
'20#.#55.15.178':445
'20#.#55.88.16':445
'20#.#55.151.158':445
'20#.#55.65.159':445
'20#.#55.59.1':445
'20#.#55.33.151':445
'20#.#55.50.33':445
'20#.#55.223.166':445
'20#.#55.33.151':139
'20#.#55.50.33':139
'20#.#55.125.33':139
'20#.#55.151.158':139
'20#.#55.65.159':139
'20#.#55.58.11':139
'20#.#55.141.72':139
'20#.#55.59.1':139
'20#.#55.173.126':139
'20#.#55.85.247':139
'20#.#55.119.101':139
'20#.#55.78.167':139
'20#.#55.50.167':139
'20#.#55.187.144':139
'20#.#55.99.80':139
'20#.#55.15.178':139
'20#.#55.88.16':139
'20#.#55.154.132':139
'20#.#55.178.2':139
'20#.#55.253.152':445
'20#.#55.166.2':445
'20#.#55.145.23':445
'20#.#55.53.81':445
'20#.#55.120.165':445
'20#.#55.161.135':445
'20#.#55.167.161':445
'20#.#55.161.120':445
'20#.#55.228.252':445
'20#.#55.32.71':445
'20#.#55.201.125':139
'20#.#55.107.201':139
'20#.#55.104.141':139
'20#.#55.157.100':139
'20#.#55.39.201':139
'20#.#55.95.165':445
'20#.#55.137.95':445
'20#.#55.175.138':139
'20#.#55.244.6':139
'20#.#55.5.151':139
'20#.#55.99.25':445
'20#.#55.53.110':445
'20#.#55.150.212':139
'20#.#55.192.9':139
'20#.#55.148.110':445
'20#.#55.160.238':445
'20#.#55.235.135':445
'20#.#55.203.158':445
'20#.#55.130.246':445
'20#.#55.52.73':139
'20#.#55.50.169':139
'20#.#55.95.170':139
'20#.#55.0.127':139
'20#.#55.17.59':139
'20#.#55.117.236':139
'20#.#55.179.79':139
'20#.#55.0.130':139
'20#.#55.108.65':139
'20#.#55.34.226':139
'20#.#55.131.177':445
'20#.#55.79.240':445
'20#.#55.184.136':445
'20#.#55.18.254':445
'20#.#55.103.243':445
'20#.#55.25.92':445
'20#.#55.14.193':445
'20#.#55.61.102':445
'20#.#55.163.177':445
'20#.#55.25.130':445
'20#.#55.27.236':445
'20#.#55.170.27':445
'20#.#55.179.118':445
'20#.#55.245.251':445
'20#.#55.105.170':445
'20#.#55.147.26':445
'20#.#55.161.54':445
'20#.#55.125.105':445
'20#.#55.203.124':445
'20#.#55.85.178':139
'20#.#55.125.105':139
'20#.#55.203.124':139
'20#.#55.170.27':139
'20#.#55.105.170':139
'20#.#55.161.54':139
'20#.#55.18.254':139
'20#.#55.184.136':139
'20#.#55.147.26':139
'20#.#55.25.130':139
'20#.#55.27.236':139
'20#.#55.53.110':139
'20#.#55.99.25':139
'20#.#55.179.118':139
'20#.#55.160.238':139
'20#.#55.148.110':139
'20#.#55.203.158':139
'20#.#55.235.135':139
'20#.#55.245.251':139
'20#.#55.130.246':139
'20#.#55.253.111':139
'20#.#55.37.168':139
'20#.#55.20.57':139
'20#.#55.75.201':139
'20#.#55.244.160':139
'20#.#55.203.121':139
'20#.#55.203.45':139
'20#.#55.158.161':139
'20#.#55.189.142':139
'20#.#55.229.251':139
'20#.#55.103.243':139
'20#.#55.61.102':139
'20#.#55.131.177':139
'20#.#55.79.240':139
'20#.#55.163.177':139
'20#.#55.127.207':139
'20#.#55.45.121':139
'20#.#55.25.92':139
'20#.#55.14.193':139
'20#.#55.127.207':445
'20#.#55.80.45':139
'20#.#55.10.179':139
'20#.#55.246.143':139
'20#.#55.244.246':139
'20#.#55.16.235':139
'20#.#55.95.225':139
'20#.#55.100.251':139
'20#.#55.52.56':139
'20#.#55.77.37':139
'20#.#55.83.48':139
'20#.#55.25.79':139
'20#.#55.22.208':139
'20#.#55.190.179':139
'20#.#55.50.237':139
'20#.#55.116.210':139
'20#.#55.17.116':139
'20#.#55.204.185':139
'20#.#55.163.66':139
'20#.#55.126.139':139
'20#.#55.249.147':139
'20#.#55.84.80':139
'20#.#55.56.30':139
'20#.#55.86.15':139
'20#.#55.152.105':139
'20#.#55.70.41':139
'20#.#55.148.225':139
'20#.#55.170.152':139
'20#.#55.124.171':139
'20#.#55.198.194':139
'20#.#55.68.91':139
'20#.#55.208.83':139
'20#.#55.108.45':139
'20#.#55.235.13':139
'20#.#55.83.38':139
'20#.#55.46.46':139
'20#.#55.5.98':139
'20#.#55.33.60':139
'20#.#55.42.248':139
'20#.#55.250.95':139
'20#.#55.17.59':445
'20#.#55.50.169':445
'20#.#55.203.121':445
'20#.#55.85.178':445
'20#.#55.0.127':445
'20#.#55.108.65':445
'20#.#55.34.226':445
'20#.#55.95.170':445
'20#.#55.117.236':445
'20#.#55.203.45':445
'20#.#55.20.57':445
'20#.#55.75.201':445
'20#.#55.229.251':445
'20#.#55.45.121':445
'20#.#55.253.111':445
'20#.#55.158.161':445
'20#.#55.189.142':445
'20#.#55.37.168':445
'20#.#55.244.160':445
'20#.#55.247.79':139
'20#.#55.84.88':139
'20#.#55.70.251':139
'20#.#55.219.204':139
'20#.#55.195.70':139
'20#.#55.170.131':139
'20#.#55.71.208':139
'20#.#55.9.51':139
'20#.#55.179.52':139
'20#.#55.192.9':9988
'20#.#55.150.212':445
'20#.#55.52.73':445
'20#.#55.179.79':445
'20#.#55.0.130':445
'20#.#55.192.9':445
'20#.#55.163.177':9988
'20#.#55.52.73':9988
'20#.#55.147.26':9988
'20#.#55.18.254':9988

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней