Техническая информация
- %WINDIR%\BFZ.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\dy[1].html
- <SYSTEM32>\ESPI11.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\dx[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\sky[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\cf[1]
- %WINDIR%\BFZ.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\dng8[1]
- %WINDIR%\CFBFZ.dll
- %WINDIR%\Loader.dll
- %WINDIR%\Inject.dll
- из <Полный путь к вирусу> в <Текущая директория>\РЬГЁёЁЦъ Нш°ЙјТНҐНЁУГ°ж.exe
- 'www.cf##hua.com':80
- 'www.xe##8.com':80
- '51##z.cn':80
- 'localhost':1041
- 'localhost':1037
- 'www.dn##.com':80
- 'www.27#.cc':80
- www.xe##8.com/dx.html
- 51##z.cn/cf/
- 51##z.cn/321/sky.html
- www.cf##hua.com/dy.html
- www.dn##.com/
- www.27#.cc/a.txt
- www.27#.cc/b.txt
- DNS ASK www.cf##hua.com
- DNS ASK www.xe##8.com
- DNS ASK www.51##z.cn
- DNS ASK www.dn##.com
- DNS ASK www.27#.cc
- DNS ASK 51##z.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''