Техническая информация
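- Запись автозапуска в реестре (значение 'Trickler' в ключе Run обеспечивает запуск при входе в систему): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Trickler' = '"<Полный путь к вирусу>"'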
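- Файлы во временном каталоге %TEMP%\trickler (тот же набор из шести файлов ниже перечислен повторно; заголовки разделов на странице не сохранились, поэтому вид операции с файлами по ней не определить):
- %TEMP%\trickler\GTR1.tmp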
- %TEMP%\trickler\GTD2.tmp
- %TEMP%\trickler\GTI6.tmp
- %TEMP%\trickler\GTJ3.tmp
- %TEMP%\trickler\GTC5.tmp
- %TEMP%\trickler\accum\GTA4.tmp
- %TEMP%\trickler\GTD2.tmp
- %TEMP%\trickler\GTI6.tmp
- %TEMP%\trickler\GTR1.tmp
- %TEMP%\trickler\GTJ3.tmp
- %TEMP%\trickler\GTC5.tmp
- %TEMP%\trickler\accum\GTA4.tmp
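- Сетевая активность (узел:порт; символы «#» в именах узлов, по-видимому, маскируют часть имени в исходном описании, поэтому для точного сопоставления индикаторов эти записи не годятся):
- 'tr####e.gator.com':80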
- 'gs.##tor.com':80
- 'localhost':1034
- tr####e.gator.com/download/trickler.inf
- gs.##tor.com/Cmd/client_log_event
- DNS ASK tr####e.gator.com
- DNS ASK gs.##tor.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Trickler_WndClass' WindowName: ''