Техническая информация (по порядку: изменения в реестре, запускаемые процессы, файлы, сетевая активность)
- [<HKLM>\SYSTEM\ControlSet001\Services\XboxUpdateAgent\Parameters] 'ServiceDll' = '<SYSTEM32>\xboxlivstor.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\XboxUpdateAgent] 'ImagePath' = '<SYSTEM32>\svchost.exe -k xboxlivestorage'
- [<HKLM>\SYSTEM\ControlSet001\Services\XboxUpdateAgent] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- '<SYSTEM32>\attrib.exe' -s "del /Q /a "s"\*.*
- '%WINDIR%\sleep.exe' 10
- '<SYSTEM32>\svchost.exe' -k xboxlivestorage
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\Deleteme.bat
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\index2[1].php
- %WINDIR%\Temp\1577.jpg
- <SYSTEM32>\xboxlivstor.dll
- %TEMP%\Deleteme.bat
- '6g######2k42k66c.onion.to':80
- 'localhost':1036
- http://6g######2k42k66c.onion.to/index2.php?no#########
- DNS ASK 6g######2k42k66c.onion.to