Техническая информация
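- [<HKLM>\SYSTEM\ControlSet001\Services\zipdrivers] 'Start' = '00000002' — параметр службы «zipdrivers» в реестре; значение 2 соответствует автоматическому запуску службы при загрузке системы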
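- <SYSTEM32>\net1.exe start "zipdrivers" — запуск службы «zipdrivers» штатной системной утилитой
- <SYSTEM32>\sc.exe create "zipdrivers" binpath= "<Полный путь к вирусу> srv" start= "auto" — регистрация службы «zipdrivers» с автоматическим запуском; в binpath указан исполняемый файл вредоносной программы с аргументом srv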
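- %WINDIR%\Temp\log_012195.txt — файл во временном каталоге Windows; выполняемая с ним операция (создание, изменение или удаление) в описании не указана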
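- 'fr###pac.net':80 — сетевое соединение с узлом по порту 80; часть символов доменного имени здесь и ниже скрыта знаками #
- fr###pac.net/dr/knock_bl1.php?ve################################ — этот и два следующих адреса: запросы к сценарию knock_bl1.php, значение параметра скрыто знаками #
- fr###pac.net/dr/knock_bl1.php?ve#######################################
- fr###pac.net/dr/knock_bl1.php?ve##################################
- fr###pac.net/dr/writelog.php — запрос к сценарию writelog.php на том же узле; метод запроса и передаваемые данные в описании не указаны
- DNS ASK fr###pac.net — DNS-запрос на разрешение того же доменного имени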
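- ClassName: 'Shell_TrayWnd' WindowName: '' — Shell_TrayWnd является классом окна панели задач Windows; судя по формату записи, программа ищет окно с этим классом (цель поиска в описании не указана)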