Trojan.Starman.6415

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs
'<SYSTEM32>\dumprep.exe' 1144 -dm 7 7 %TEMP%\WERaa60.dir00\svchost.exe.mdmp 16325836412029324

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%TEMP%\WERaa60.dir00\svchost.exe.mdmp
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe

Сетевая активность:

Подключается к:

'20#.#15.158.122':445
'20#.#15.106.86':445
'20#.#15.9.100':445
'20#.#15.113.73':445
'20#.#15.109.48':445
'20#.#15.80.108':445
'20#.#15.151.75':139
'20#.#15.247.58':139
'20#.#15.111.131':139
'20#.#15.204.25':445
'20#.#15.54.161':139
'20#.#15.113.213':139
'20#.#15.48.4':445
'20#.#15.31.135':445
'20#.#15.70.39':445
'20#.#15.225.33':445
'20#.#15.20.99':445
'20#.#15.20.26':445
'20#.#15.7.77':445
'20#.#15.167.96':445
'20#.#15.21.172':445
'20#.#15.229.17':445
'20#.#15.0.176':445
'20#.#15.42.162':445
'20#.#15.182.223':139
'20#.#15.221.237':139
'20#.#15.83.37':139
'20#.#15.151.225':139
'20#.#15.75.120':139
'20#.#15.105.76':139
'20#.#15.151.75':445
'20#.#15.247.58':445
'20#.#15.111.131':445
'20#.#15.188.175':139
'20#.#15.54.161':445
'20#.#15.113.213':445
'20#.#15.24.229':139
'20#.#15.219.35':139
'20#.#15.198.234':139
'20#.#15.222.94':139
'20#.#15.5.82':139
'20#.#15.217.236':139
'20#.#15.34.231':139
'20#.#15.111.39':139
'20#.#15.137.116':139
'20#.#15.82.77':139
'20#.#15.41.94':139
'20#.#15.231.8':139
'20#.#15.215.123':445
'20#.#15.20.202':139
'20#.#15.248.111':139
'20#.#15.84.95':139
'20#.#15.191.231':445
'20#.#15.139.183':445
'20#.#15.106.120':139
'20#.#15.215.123':139
'20#.#15.225.33':139
'20#.#15.20.99':139
'20#.#15.79.3':139
'20#.#15.166.166':139
'20#.#15.0.169':139
'20#.#15.79.183':445
'20#.#15.233.4':445
'20#.#15.13.34':445
'20#.#15.136.135':445
'20#.#15.166.147':445
'20#.#15.245.8':445
'20#.#15.72.110':445
'20#.#15.18.43':445
'20#.#15.116.143':445
'20#.#15.169.162':445
'20#.#15.38.178':445
'20#.#15.27.216':445
'20#.#15.9.100':139
'20#.#15.204.25':139
'20#.#15.106.120':445
'20#.#15.80.108':139
'20#.#15.158.122':139
'20#.#15.106.86':139
'20#.#15.79.3':445
'20#.#15.166.166':445
'20#.#15.0.169':445
'20#.#15.20.202':445
'20#.#15.248.111':445
'20#.#15.84.95':445
'20#.#15.70.39':139
'20#.#15.229.17':139
'20#.#15.0.176':139
'20#.#15.20.26':139
'20#.#15.48.4':139
'20#.#15.31.135':139
'20#.#15.21.172':139
'20#.#15.113.73':139
'20#.#15.109.48':139
'20#.#15.42.162':139
'20#.#15.7.77':139
'20#.#15.167.96':139
'20#.#15.4.224':445
'20#.#15.17.98':445
'20#.#15.246.9':445
'20#.#15.76.26':445
'20#.#15.170.118':445
'20#.#15.47.58':445
'20#.#15.236.122':445
'20#.#15.214.224':445
'20#.#15.95.102':445
'20#.#15.194.18':445
'20#.#15.86.194':445
'20#.#15.16.132':445
'20#.#15.218.109':445
'20#.#15.18.91':445
'20#.#15.12.9':445
'20#.#15.148.117':445
'20#.#15.11.39':445
'20#.#15.40.55':445
'20#.#15.7.99':445
'20#.#15.113.7':445
'20#.#15.177.229':445
'20#.#15.201.220':445
'20#.#15.26.110':445
'20#.#15.109.46':445
'20#.#15.100.111':139
'20#.#15.5.241':139
'20#.#15.158.180':139
'20#.#15.246.46':139
'20#.#15.26.146':139
'20#.#15.252.187':139
'20#.#15.251.52':139
'20#.#15.80.150':139
'20#.#15.46.35':139
'20#.#15.152.132':139
'20#.#15.2.63':139
'20#.#15.10.16':139
'20#.#15.23.216':139
'20#.#15.160.106':139
'20#.#15.38.68':139
'20#.#15.228.121':139
'20#.#15.229.254':139
'20#.#15.68.125':139
'20#.#15.137.156':139
'20#.#15.150.200':139
'20#.#15.207.93':139
'20#.#15.14.232':139
'20#.#15.196.14':139
'20#.#15.154.74':139
'20#.#15.117.161':445
'20#.#15.182.223':445
'20#.#15.221.237':445
'20#.#15.83.37':445
'20#.#15.151.225':445
'20#.#15.75.120':445
'20#.#15.105.76':445
'20#.#15.117.161':139
'20#.#15.148.117':139
'20#.#15.11.39':139
'20#.#15.188.175':445
'20#.#15.88.188':139
'20#.#15.250.113':139
'20#.#15.24.229':445
'20#.#15.219.35':445
'20#.#15.198.234':445
'20#.#15.222.94':445
'20#.#15.5.82':445
'20#.#15.217.236':445
'20#.#15.34.231':445
'20#.#15.111.39':445
'20#.#15.137.116':445
'20#.#15.82.77':445
'20#.#15.41.94':445
'20#.#15.231.8':445
'20#.#15.246.9':139
'20#.#15.194.18':139
'20#.#15.86.194':139
'20#.#15.47.58':139
'20#.#15.4.224':139
'20#.#15.17.98':139
'20#.#15.95.102':139
'20#.#15.88.188':445
'20#.#15.250.113':445
'20#.#15.16.132':139
'20#.#15.236.122':139
'20#.#15.214.224':139
'20#.#15.12.9':139
'20#.#15.201.220':139
'20#.#15.26.110':139
'20#.#15.218.109':139
'20#.#15.40.55':139
'20#.#15.18.91':139
'20#.#15.177.229':139
'20#.#15.76.26':139
'20#.#15.170.118':139
'20#.#15.109.46':139
'20#.#15.7.99':139
'20#.#15.113.7':139
'20#.#15.51.244':445
'20#.#15.25.175':445
'20#.#15.87.25':445
'20#.#15.143.132':445
'20#.#15.179.177':445
'20#.#15.210.97':445
'20#.#15.169.20':445
'20#.#15.45.118':445
'20#.#15.192.74':445
'20#.#15.207.86':445
'20#.#15.93.134':445
'20#.#15.20.91':445
'20#.#15.140.74':445
'20#.#15.84.72':445
'20#.#15.247.24':445
'20#.#15.66.129':139
'20#.#15.131.222':139
'20#.#15.51.154':445
'20#.#15.48.157':445
'20#.#15.121.107':445
'20#.#15.106.105':445
'20#.#15.48.139':445
'20#.#15.26.138':445
'20#.#15.66.108':445
'20#.#15.77.186':445
'20#.#15.126.146':445
'20#.#15.184.125':445
'20#.#15.183.251':445
'20#.#15.148.105':445
'20#.#15.43.81':445
'20#.#15.84.115':445
'20#.#15.32.182':445
'20#.#15.125.240':445
'20#.#15.22.185':445
'20#.#15.117.141':445
'20#.#15.72.219':445
'20#.#15.154.88':445
'20#.#15.42.155':445
'20#.#15.73.30':445
'20#.#15.160.11':445
'20#.#15.40.160':445
'20#.#15.89.40':445
'20#.#15.73.56':445
'20#.#15.252.17':445
'20#.#15.251.103':445
'20#.#15.79.28':445
'20#.#15.179.248':445
'20#.#15.58.243':445
'20#.#15.218.97':139
'20#.#15.87.25':139
'20#.#15.207.86':139
'20#.#15.93.134':139
'20#.#15.210.97':139
'20#.#15.51.244':139
'20#.#15.25.175':139
'20#.#15.192.74':139
'20#.#15.160.11':139
'20#.#15.40.160':139
'20#.#15.20.91':139
'20#.#15.169.20':139
'20#.#15.45.118':139
'20#.#15.66.108':139
'20#.#15.247.24':139
'20#.#15.48.139':139
'20#.#15.140.74':139
'20#.#15.106.105':139
'20#.#15.51.154':139
'20#.#15.121.107':139
'20#.#15.143.132':139
'20#.#15.179.177':139
'20#.#15.26.138':139
'20#.#15.84.72':139
'20#.#15.48.157':139
'20#.#15.184.125':139
'20#.#15.22.185':139
'20#.#15.117.141':139
'20#.#15.43.81':139
'20#.#15.77.186':139
'20#.#15.126.146':139
'20#.#15.125.240':139
'20#.#15.40.169':139
'20#.#15.64.130':139
'20#.#15.72.219':139
'20#.#15.84.115':139
'20#.#15.32.182':139
'20#.#15.73.30':139
'20#.#15.79.28':139
'20#.#15.179.248':139
'20#.#15.89.40':139
'20#.#15.154.88':139
'20#.#15.42.155':139
'20#.#15.251.103':139
'20#.#15.183.251':139
'20#.#15.148.105':139
'20#.#15.58.243':139
'20#.#15.73.56':139
'20#.#15.252.17':139
'20#.#15.72.188':139
'20#.#15.198.106':139
'20#.#15.42.150':139
'20#.#15.26.161':445
'20#.#15.17.159':445
'20#.#15.29.124':139
'20#.#15.36.239':139
'20#.#15.243.77':139
'20#.#15.253.104':139
'20#.#15.151.133':139
'20#.#15.6.147':139
'20#.#15.81.170':139
'20#.#15.152.234':445
'20#.#15.117.172':445
'20#.#15.15.230':445
'20#.#15.135.72':445
'20#.#15.175.134':445
'20#.#15.54.213':445
'20#.#15.169.128':445
'20#.#15.26.52':445
'20#.#15.29.115':445
'20#.#15.209.102':445
'20#.#15.61.187':445
'20#.#15.128.192':445
'20#.#15.72.188':445
'20#.#15.198.106':445
'20#.#15.42.150':445
'20#.#15.191.231':139
'20#.#15.139.183':139
'20#.#15.29.124':445
'20#.#15.36.239':445
'20#.#15.243.77':445
'20#.#15.253.104':445
'20#.#15.151.133':445
'20#.#15.6.147':445
'20#.#15.81.170':445
'20#.#15.79.183':139
'20#.#15.233.4':139
'20#.#15.13.34':139
'20#.#15.136.135':139
'20#.#15.166.147':139
'20#.#15.245.8':139
'20#.#15.72.110':139
'20#.#15.18.43':139
'20#.#15.116.143':139
'20#.#15.169.162':139
'20#.#15.38.178':139
'20#.#15.27.216':139
'20#.#15.103.114':445
'20#.#15.96.11':139
'20#.#15.38.80':139
'20#.#15.148.49':139
'20#.#15.208.39':139
'20#.#15.17.78':139
'20#.#15.214.47':139
'20#.#15.103.114':139
'20#.#15.135.72':139
'20#.#15.175.134':139
'20#.#15.40.232':139
'20#.#15.51.82':139
'20#.#15.97.244':139
'20#.#15.66.129':445
'20#.#15.131.222':445
'20#.#15.121.107':9988
'20#.#15.40.169':445
'20#.#15.64.130':445
'20#.#15.218.97':445
'20#.#15.25.30':139
'20#.#15.214.110':139
'20#.#15.125.144':139
'20#.#15.84.72':9988
'20#.#15.58.243':9988
'20#.#15.77.186':9988
'20#.#15.208.39':445
'20#.#15.17.78':445
'20#.#15.214.47':445
'20#.#15.25.30':445
'20#.#15.214.110':445
'20#.#15.125.144':445
'20#.#15.40.232':445
'20#.#15.51.82':445
'20#.#15.97.244':445
'20#.#15.96.11':445
'20#.#15.38.80':445
'20#.#15.148.49':445
'20#.#15.15.230':139
'20#.#15.209.102':139
'20#.#15.61.187':139
'20#.#15.54.213':139
'20#.#15.152.234':139
'20#.#15.117.172':139
'20#.#15.29.115':139
'20#.#15.26.161':139
'20#.#15.17.159':139
'20#.#15.128.192':139
'20#.#15.169.128':139
'20#.#15.26.52':139

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней