Trojan.Starman.6526

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1140 -dm 7 7 %TEMP%\WER3a6c.dir00\svchost.exe.mdmp 16325836412032008

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\NetMeeting\rsewzjqn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%TEMP%\WER3a6c.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe

Сетевая активность:

Подключается к:

'65.##.199.181':139
'65.##.155.247':139
'65.#9.57.9':139
'65.##.91.143':139
'65.##.41.183':139
'65.##.86.132':139
'65.#9.2.87':139
'65.#9.97.80':139
'65.##.129.142':139
'65.##.171.106':139
'65.##.139.170':139
'65.##.222.139':139
'65.#9.38.0':139
'65.#9.140.5':139
'65.##.172.249':445
'65.##.141.249':445
'65.#9.29.85':139
'65.#9.9.94':139
'65.##.181.125':139
'65.##.157.75':139
'65.##.66.177':139
'65.#9.70.2':139
'65.##.91.143':445
'65.##.41.183':445
'65.##.139.170':445
'65.#9.29.85':445
'65.#9.9.94':445
'65.##.129.142':445
'65.##.171.106':445
'65.##.155.247':445
'65.#9.57.9':445
'65.##.199.181':445
'65.##.181.125':445
'65.#9.69.41':139
'65.#9.1.9':139
'65.##.130.11':139
'65.##.250.69':139
'65.##.155.42':139
'65.##.157.75':445
'65.##.66.177':445
'65.#9.38.0':445
'65.#9.140.5':445
'65.##.222.139':445
'65.##.24.158':139
'65.##.188.177':139
'65.#9.90.8':139
'65.##.65.154':139
'65.##.134.245':139
'65.##.144.74':445
'65.##.190.254':445
'65.##.141.249':139
'65.##.140.227':139
'65.##.172.249':139
'65.##.74.190':139
'65.##.169.144':139
'65.##.253.204':139
'65.#9.24.21':139
'65.##.111.154':139
'65.##.63.164':139
'65.##.124.101':139
'65.##.190.136':139
'65.##.105.43':139
'65.##.13.235':139
'65.##.183.190':139
'65.##.170.131':445
'65.##.74.190':445
'65.##.65.154':445
'65.##.190.136':445
'65.##.105.43':445
'65.##.124.101':445
'65.##.188.177':445
'65.##.140.227':445
'65.##.24.158':445
'65.##.134.245':445
'65.#9.90.8':445
'65.##.183.190':445
'65.##.88.134':445
'65.##.111.154':445
'65.##.116.24':445
'65.##.113.112':445
'65.#9.94.37':445
'65.##.253.204':445
'65.##.13.235':445
'65.##.169.144':445
'65.##.63.164':445
'65.#9.24.21':445
'65.##.182.134':445
'65.##.96.147':445
'65.##.100.154':445
'65.#9.115.1':445
'65.##.146.77':445
'65.##.218.35':139
'65.##.247.206':139
'65.##.163.71':139
'65.##.229.144':445
'65.#9.71.25':445
'65.##.17.190':445
'65.##.80.231':445
'65.##.12.150':445
'65.##.191.173':445
'65.##.152.20':445
'65.##.106.115':445
'65.##.100.195':445
'65.##.175.179':445
'65.##.195.203':445
'65.##.123.33':445
'65.##.200.37':445
'65.##.63.176':139
'65.#9.25.16':139
'65.##.163.195':139
'65.##.58.226':139
'65.##.58.197':139
'65.#9.57.35':139
'65.##.211.27':139
'65.##.210.33':139
'65.##.21.206':139
'65.##.175.110':139
'65.##.122.169':139
'65.#9.176.3':139
'65.#9.60.5':139
'65.##.88.173':139
'65.##.118.172':139
'65.##.125.63':139
'65.##.188.251':139
'65.##.25.118':139
'65.##.184.148':139
'65.##.138.53':139
'65.##.102.253':139
'65.##.134.114':139
'65.##.26.139':139
'65.##.160.47':139
'65.##.164.59':139
'65.##.174.28':139
'65.##.10.133':139
'65.##.191.173':139
'65.##.80.231':139
'65.##.106.115':139
'65.##.28.202':139
'65.##.152.20':139
'65.##.83.103':139
'65.#9.70.2':445
'65.##.250.69':445
'65.#9.2.87':445
'65.#9.97.80':445
'65.##.86.132':445
'65.#9.1.9':445
'65.##.103.107':139
'65.#9.69.41':445
'65.##.155.42':445
'65.##.130.11':445
'65.##.12.150':139
'65.##.83.103':445
'65.##.174.28':445
'65.##.103.107':445
'65.##.229.144':139
'65.#9.71.25':139
'65.##.160.47':445
'65.##.28.202':445
'65.##.26.139':445
'65.##.10.133':445
'65.##.164.59':445
'65.##.96.147':139
'65.##.100.195':139
'65.##.175.179':139
'65.##.195.203':139
'65.##.123.33':139
'65.##.200.37':139
'65.##.100.154':139
'65.##.182.134':139
'65.##.146.77':139
'65.##.17.190':139
'65.#9.115.1':139
'65.##.180.211':445
'65.#9.19.59':445
'65.##.221.149':445
'65.#9.88.80':445
'65.##.57.130':445
'65.##.25.100':445
'65.##.141.134':445
'65.##.100.169':445
'65.#9.85.43':445
'65.##.169.168':445
'65.##.194.86':445
'65.##.172.87':139
'65.#9.4.163':139
'65.##.49.210':139
'65.#9.30.50':139
'65.#9.79.34':139
'65.##.34.136':445
'65.#9.56.91':445
'65.##.133.46':139
'65.#9.24.82':139
'65.#9.46.19':139
'65.##.124.129':445
'65.##.94.181':445
'65.##.164.186':445
'65.##.53.147':445
'65.##.111.187':445
'65.##.218.24':445
'65.##.199.146':445
'65.##.42.117':445
'65.##.166.234':445
'65.#9.59.65':445
'65.##.152.63':445
'65.##.18.180':445
'65.#9.46.13':445
'65.##.155.45':445
'65.##.151.224':445
'65.##.81.124':445
'65.##.20.250':445
'65.##.27.106':445
'65.#9.2.75':445
'65.#9.32.6':445
'65.##.48.106':445
'65.##.196.137':445
'65.##.81.124':139
'65.##.20.250':139
'65.##.124.129':139
'65.##.25.100':139
'65.##.141.134':139
'65.##.48.106':139
'65.##.196.137':139
'65.##.155.45':139
'65.##.151.224':139
'65.#9.46.13':139
'65.##.100.169':139
'65.##.194.86':139
'65.##.57.130':139
'65.#9.56.91':139
'65.##.34.136':139
'65.#9.88.80':139
'65.#9.85.43':139
'65.##.169.168':139
'65.#9.19.59':139
'65.##.221.149':139
'65.##.180.211':139
'65.#9.32.6':139
'65.##.73.122':139
'65.#9.40.48':139
'65.##.122.42':139
'65.##.199.146':139
'65.##.42.117':139
'65.#9.69.48':139
'65.##.248.68':139
'65.##.211.158':139
'65.##.211.180':139
'65.##.164.236':139
'65.##.166.234':139
'65.##.111.187':139
'65.##.218.24':139
'65.##.18.180':139
'65.##.27.106':139
'65.#9.2.75':139
'65.#9.59.65':139
'65.##.152.63':139
'65.##.164.186':139
'65.##.53.147':139
'65.##.94.181':139
'65.##.108.22':445
'65.##.233.82':445
'65.#9.61.45':445
'65.##.116.133':445
'65.##.99.117':445
'65.##.190.152':445
'65.##.203.106':445
'65.#9.79.74':445
'65.##.113.157':445
'65.##.155.139':445
'65.##.195.204':139
'65.##.101.117':139
'65.##.151.253':139
'65.##.232.206':139
'65.#9.224.5':139
'65.##.159.73':139
'65.##.111.165':139
'65.##.204.82':139
'65.##.103.55':139
'65.##.78.240':139
'65.#9.61.35':139
'65.##.195.67':445
'65.##.144.74':139
'65.##.190.254':139
'65.##.195.204':445
'65.##.111.165':445
'65.##.204.82':445
'65.##.116.24':139
'65.##.88.134':139
'65.#9.94.37':139
'65.##.170.131':139
'65.##.113.112':139
'65.##.103.55':445
'65.#9.224.5':445
'65.##.159.73':445
'65.#9.72.56':445
'65.#9.2.96':445
'65.##.207.189':445
'65.##.78.240':445
'65.#9.61.35':445
'65.##.151.253':445
'65.##.232.206':445
'65.##.101.117':445
'65.#9.46.19':445
'65.##.133.46':445
'65.#9.24.82':445
'65.##.172.87':445
'65.#9.4.163':445
'65.#9.19.59':9988
'65.##.169.168':9988
'65.##.180.211':9988
'65.#9.56.91':9988
'65.##.221.149':9988
'65.##.49.210':445
'65.##.211.180':445
'65.##.164.236':445
'65.#9.40.48':445
'65.##.122.42':445
'65.##.73.122':445
'65.#9.30.50':445
'65.#9.79.34':445
'65.##.248.68':445
'65.##.211.158':445
'65.#9.69.48':445
'65.##.124.129':9988
'65.#9.79.74':139
'65.##.190.152':139
'65.##.155.139':139
'65.##.233.82':139
'65.##.113.157':139
'65.##.207.189':139
'65.#9.72.56':139
'65.#9.2.96':139
'65.##.203.106':139
'65.##.195.67':139
'65.##.108.22':139
'65.#9.46.13':9988
'65.##.155.45':9988
'65.##.151.224':9988
'65.##.81.124':9988
'65.##.20.250':9988
'65.##.99.117':139
'65.#9.61.45':139
'65.##.116.133':139
'65.##.48.106':9988
'65.#9.32.6':9988

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней