Trojan.Starman.6520

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1120 -dm 7 7 %TEMP%\WER1e13.dir00\svchost.exe.mdmp 16325836412032176

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%TEMP%\WER1e13.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe

Сетевая активность:

Подключается к:

'21#.#43.120.185':139
'21#.#43.74.17':139
'21#.#43.196.73':139
'21#.#43.5.59':139
'21#.#43.1.84':139
'21#.#43.255.219':139
'21#.#43.45.21':139
'21#.#43.32.142':139
'21#.#43.54.74':139
'21#.#43.255.53':139
'21#.#43.251.246':139
'21#.#43.193.155':139
'21#.#43.15.52':139
'21#.#43.42.32':139
'21#.#43.30.179':139
'21#.#43.51.209':139
'21#.#43.133.57':139
'21#.#43.98.225':139
'21#.#43.115.132':139
'21#.#43.82.158':139
'21#.#43.97.82':139
'21#.#43.114.171':139
'21#.#43.98.225':445
'21#.#43.251.246':445
'21#.#43.133.57':445
'21#.#43.97.82':445
'21#.#43.115.132':445
'21#.#43.120.185':445
'21#.#43.74.17':445
'21#.#43.196.73':445
'21#.#43.5.59':445
'21#.#43.1.84':445
'21#.#43.82.158':445
'21#.#43.121.220':139
'21#.#43.76.55':139
'21#.#43.208.1':139
'21#.#43.188.114':139
'21#.#43.45.230':139
'21#.#43.193.155':445
'21#.#43.15.52':445
'21#.#43.42.32':445
'21#.#43.30.179':445
'21#.#43.51.209':445
'21#.#43.127.60':139
'21#.#43.101.126':139
'21#.#43.177.83':139
'21#.#43.11.202':139
'21#.#43.131.69':139
'21#.#43.212.5':445
'21#.#43.221.100':445
'21#.#43.93.152':139
'21#.#43.130.18':139
'21#.#43.125.133':139
'21#.#43.16.188':139
'21#.#43.179.247':139
'21#.#43.246.155':139
'21#.#43.6.202':139
'21#.#43.204.240':139
'21#.#43.27.252':139
'21#.#43.71.39':139
'21#.#43.140.64':139
'21#.#43.218.82':139
'21#.#43.11.4':139
'21#.#43.192.10':139
'21#.#43.119.3':445
'21#.#43.131.69':445
'21#.#43.177.83':445
'21#.#43.11.202':445
'21#.#43.140.64':445
'21#.#43.16.188':445
'21#.#43.125.133':445
'21#.#43.93.152':445
'21#.#43.130.18':445
'21#.#43.127.60':445
'21#.#43.101.126':445
'21#.#43.71.39':445
'21#.#43.27.252':445
'21#.#43.6.202':445
'21#.#43.204.240':445
'21#.#43.241.156':445
'21#.#43.92.241':445
'21#.#43.192.10':445
'21#.#43.218.82':445
'21#.#43.11.4':445
'21#.#43.179.247':445
'21#.#43.246.155':445
'21#.#43.97.91':445
'21#.#43.55.235':445
'21#.#43.196.21':445
'21#.#43.93.101':445
'21#.#43.159.93':445
'21#.#43.111.209':139
'21#.#43.10.112':139
'21#.#43.208.193':139
'21#.#43.41.76':139
'21#.#43.50.97':139
'21#.#43.214.229':445
'21#.#43.45.242':445
'21#.#43.45.118':445
'21#.#43.133.175':445
'21#.#43.150.133':445
'21#.#43.6.233':445
'21#.#43.25.228':445
'21#.#43.39.94':445
'21#.#43.90.111':445
'21#.#43.212.71':445
'21#.#43.185.36':445
'21#.#43.145.195':139
'21#.#43.131.197':139
'21#.#43.141.10':139
'21#.#43.23.48':139
'21#.#43.157.182':139
'21#.#43.146.141':139
'21#.#43.144.134':139
'21#.#43.55.117':139
'21#.#43.45.123':139
'21#.#43.7.231':139
'21#.#43.86.6':139
'21#.#43.182.207':139
'21#.#43.179.28':139
'21#.#43.129.145':139
'21#.#43.102.79':139
'21#.#43.7.185':139
'21#.#43.117.251':139
'21#.#43.132.5':139
'21#.#43.65.175':139
'21#.#43.208.241':139
'21#.#43.192.87':139
'21#.#43.168.250':139
'21#.#43.110.196':139
'21#.#43.70.162':139
'21#.#43.4.88':139
'21#.#43.42.112':139
'21#.#43.80.100':139
'21#.#43.150.133':139
'21#.#43.6.233':139
'21#.#43.144.84':139
'21#.#43.76.243':139
'21#.#43.20.220':139
'21#.#43.76.55':445
'21#.#43.255.219':445
'21#.#43.45.21':445
'21#.#43.32.142':445
'21#.#43.54.74':445
'21#.#43.255.53':445
'21#.#43.208.1':445
'21#.#43.121.220':445
'21#.#43.45.230':445
'21#.#43.114.171':445
'21#.#43.188.114':445
'21#.#43.133.175':139
'21#.#43.80.100':445
'21#.#43.4.88':445
'21#.#43.42.112':445
'21#.#43.196.21':139
'21#.#43.55.235':139
'21#.#43.20.220':445
'21#.#43.144.84':445
'21#.#43.76.243':445
'21#.#43.110.196':445
'21#.#43.70.162':445
'21#.#43.97.91':139
'21#.#43.185.36':139
'21#.#43.90.111':139
'21#.#43.212.71':139
'21#.#43.45.242':139
'21#.#43.45.118':139
'21#.#43.93.101':139
'21#.#43.159.93':139
'21#.#43.214.229':139
'21#.#43.25.228':139
'21#.#43.39.94':139
'21#.#43.92.241':139
'21#.#43.6.100':445
'21#.#43.6.17':445
'21#.#43.137.23':445
'21#.#43.35.81':445
'21#.#43.165.11':445
'21#.#43.229.40':445
'21#.#43.47.56':445
'21#.#43.128.136':445
'21#.#43.100.186':445
'21#.#43.40.136':445
'21#.#43.195.36':445
'21#.#43.49.59':139
'21#.#43.106.209':139
'21#.#43.223.248':139
'21#.#43.12.103':139
'21#.#43.109.32':139
'21#.#43.151.251':445
'21#.#43.56.58':445
'21#.#43.181.159':139
'21#.#43.1.71':139
'21#.#43.105.120':139
'21#.#43.92.47':445
'21#.#43.78.77':445
'21#.#43.254.77':445
'21#.#43.77.39':445
'21#.#43.175.148':445
'21#.#43.53.86':445
'21#.#43.29.38':445
'21#.#43.253.49':445
'21#.#43.20.12':445
'21#.#43.208.119':445
'21#.#43.123.144':445
'21#.#43.148.182':445
'21#.#43.96.78':445
'21#.#43.238.192':445
'21#.#43.249.118':445
'21#.#43.119.92':445
'21#.#43.28.249':445
'21#.#43.213.250':445
'21#.#43.182.213':445
'21#.#43.212.18':445
'21#.#43.10.108':445
'21#.#43.129.114':445
'21#.#43.119.92':139
'21#.#43.249.118':139
'21#.#43.92.47':139
'21#.#43.128.136':139
'21#.#43.47.56':139
'21#.#43.10.108':139
'21#.#43.129.114':139
'21#.#43.238.192':139
'21#.#43.28.249':139
'21#.#43.96.78':139
'21#.#43.229.40':139
'21#.#43.151.251':139
'21#.#43.56.58':139
'21#.#43.195.36':139
'21#.#43.137.23':139
'21#.#43.6.100':139
'21#.#43.100.186':139
'21#.#43.40.136':139
'21#.#43.6.17':139
'21#.#43.35.81':139
'21#.#43.165.11':139
'21#.#43.212.18':139
'21#.#43.70.21':139
'21#.#43.123.138':139
'21#.#43.253.49':139
'21#.#43.20.12':139
'21#.#43.50.20':139
'21#.#43.40.65':139
'21#.#43.25.73':139
'21#.#43.26.104':139
'21#.#43.190.123':139
'21#.#43.53.210':139
'21#.#43.29.38':139
'21#.#43.175.148':139
'21#.#43.53.86':139
'21#.#43.148.182':139
'21#.#43.213.250':139
'21#.#43.182.213':139
'21#.#43.123.144':139
'21#.#43.208.119':139
'21#.#43.254.77':139
'21#.#43.77.39':139
'21#.#43.78.77':139
'21#.#43.6.196':445
'21#.#43.66.240':445
'21#.#43.161.68':445
'21#.#43.70.199':139
'21#.#43.45.171':445
'21#.#43.205.59':445
'21#.#43.45.136':445
'21#.#43.177.174':445
'21#.#43.77.214':445
'21#.#43.14.20':445
'21#.#43.199.27':139
'21#.#43.83.206':139
'21#.#43.42.199':139
'21#.#43.206.47':139
'21#.#43.16.102':139
'21#.#43.133.245':139
'21#.#43.17.75':139
'21#.#43.55.194':139
'21#.#43.185.70':139
'21#.#43.44.121':139
'21#.#43.70.239':139
'21#.#43.17.137':445
'21#.#43.55.194':445
'21#.#43.199.27':445
'21#.#43.17.75':445
'21#.#43.70.239':445
'21#.#43.185.70':445
'21#.#43.119.3':139
'21#.#43.241.156':139
'21#.#43.221.100':139
'21#.#43.70.199':445
'21#.#43.212.5':139
'21#.#43.44.121':445
'21#.#43.151.52':445
'21#.#43.57.34':445
'21#.#43.56.28':445
'21#.#43.110.137':445
'21#.#43.36.101':445
'21#.#43.83.206':445
'21#.#43.42.199':445
'21#.#43.206.47':445
'21#.#43.16.102':445
'21#.#43.133.245':445
'21#.#43.105.120':445
'21#.#43.181.159':445
'21#.#43.1.71':445
'21#.#43.49.59':445
'21#.#43.106.209':445
'21#.#43.92.47':9988
'21#.#43.119.92':9988
'21#.#43.229.40':9988
'21#.#43.6.100':9988
'21#.#43.35.81':9988
'21#.#43.223.248':445
'21#.#43.190.123':445
'21#.#43.53.210':445
'21#.#43.70.21':445
'21#.#43.50.20':445
'21#.#43.123.138':445
'21#.#43.12.103':445
'21#.#43.109.32':445
'21#.#43.25.73':445
'21#.#43.26.104':445
'21#.#43.40.65':445
'21#.#43.96.78':9988
'21#.#43.45.136':139
'21#.#43.17.137':139
'21#.#43.205.59':139
'21#.#43.14.20':139
'21#.#43.177.174':139
'21#.#43.151.52':139
'21#.#43.57.34':139
'21#.#43.56.28':139
'21#.#43.110.137':139
'21#.#43.36.101':139
'21#.#43.77.214':139
'21#.#43.77.39':9988
'21#.#43.78.77':9988
'21#.#43.175.148':9988
'21#.#43.238.192':9988
'21#.#43.213.250':9988
'21#.#43.6.196':139
'21#.#43.66.240':139
'21#.#43.161.68':139
'21#.#43.254.77':9988
'21#.#43.45.171':139

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней