Техническая информация
- '<SYSTEM32>\wscript.exe' "%TEMP%\StealerYYY.vbs"
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -Embedding
- [<HKLM>\SOFTWARE\Activision\Call of Duty 2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\keys[1]
- %TEMP%\StealerYYY.vbs
- 'ch######a-blank.bplaced.net':80
- 'localhost':1039
- http://ch######a-blank.bplaced.net/logs/Call%20of%20Duty%202/keys.php/?ke##
- DNS ASK ch######a-blank.bplaced.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''