Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\W32Time] 'Start' = '00000002'
- '<SYSTEM32>\w32time.exe'
- msnmsgr.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\AES27585O13466[1].jsp
- <SYSTEM32>\awext32.dll
- <SYSTEM32>\w32time.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\AES27585O13466[1].jsp
- 'jp###.strangled.net':80
- jp###.strangled.net/AES27585O13466.jsp?2D##########
- DNS ASK jp###.strangled.net