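Техническая информация
(Примечание: символы «#» в IP-адресах и доменных именах ниже, по-видимому, являются маской, которой в источнике скрыта часть знаков. Такие записи пригодны только как шаблоны для поиска, а не как точные индикаторы компрометации.)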
- %TEMP%\u995.exe
- %TEMP%\lol_original.exe
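- ClassName: 'OLLYDBG' WindowName: '' (класс главного окна отладчика OllyDbg; поиск такого окна, вероятно, служит для обнаружения средств анализа)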
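- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyServer' = '127.0.0.1:9666' (вместе с 'ProxyEnable' = '00000001' ниже это направляет трафик приложений, использующих системные настройки прокси, на локальный порт 9666; при проверке системы стоит сверить эти значения с ожидаемой конфигурацией)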
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = '127.0.0.1'
- [<HKLM>\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
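- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1C00' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] 'CurrentLevel' = '' (Zones\3 — зона безопасности «Интернет»; записываемые значения в источнике не приведены, поэтому итоговые настройки зоны нужно проверять на самой системе)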
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- %TEMP%\~gdojoiisuiq6j8m
- %TEMP%\~iizdicjpojq7f6r
- %TEMP%\Crypted.exe
- %TEMP%\lol_original.exe
- %TEMP%\u995.exe
- '65.#9.2.13':443
- '65.#9.2.11':443
- '65.#9.2.15':443
- DNS ASK xi##.##wxyeeb.2ch2.info
- DNS ASK kd##.##cqxqbq.39kf.info
- DNS ASK uy##.##dxcdxf.3nhr.info
- DNS ASK go##lr.com
- DNS ASK go####-desktop.com
- DNS ASK go##le.lv
- DNS ASK gu##.##fvtcwa.3rot.info
- DNS ASK zr##.##ddybyv.2-ch.info
- DNS ASK pv##.##bfqeax.4eht.info
- DNS ASK lk##.##cxwxzt.4tvh.info
- DNS ASK zb##.##ftcreu.3nin.info
- DNS ASK wf##.##cbuuvw.22zw.info
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'WispWindowClass' WindowName: ''