Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\VRVWatchServer] 'Start' = '00000002'
- '<SYSTEM32>\VrvEisp.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "<Полный путь к вирусу>"
- <SYSTEM32>\SystemInfo.dat
- <SYSTEM32>\VrvEisp.exe
- <SYSTEM32>\Vrvarpl.exe
- 'localhost':22105
- '25#.#55.255.255':188
- '25#.#55.255.255':88
- ClassName: '' WindowName: 'VRVEIS-CLIENT'