Техническая информация
Автозапуск (значение в ключе Run запускает указанный файл при входе пользователя в систему):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Msns' = '%WINDIR%\msnmsgsr2.exe'
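Брандмауэр Windows (нулевое значение 'EnableFirewall' отключает брандмауэр для стандартного профиля, нулевое 'DoNotAllowExceptions' разрешает исключения; команда netsh отключает брандмауэр):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- <SYSTEM32>\netsh.exe firewall set opmode disable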
Файлы (последний путь совпадает с файлом, указанным в записи автозапуска 'Msns'):
- %TEMP%\blohosoosos
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hosts[1].txt
- %WINDIR%\msnmsgsr2.exe
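Сетевые индикаторы: узлы и порты, URL и DNS-запрос (символы '#' в адресах, по-видимому, скрывают часть значения, поэтому для точного сопоставления эти записи непригодны):
- '20#.#51.93.133':80
- 'localhost':1037
- 'sj#####uceno.mg.gov.br':80
- 20#.#51.93.133/hosts.txt
- sj#####uceno.mg.gov.br/web.mail/go.php
- DNS ASK sj#####uceno.mg.gov.br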