Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Audio Device' = '%TEMP%\981601.exe'
- из <Полный путь к файлу> в %TEMP%\981601.exe
- 'localhost':1040
- 'bo####.4chan.org':80
- 'wp#d':80
- 'am#####p.am.funpic.de':80
- http://bo####.4chan.org/b/
- http://am#####p.am.funpic.de/pep/moor.txt
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK bo####.4chan.org
- DNS ASK am#####p.am.funpic.de
- DNS ASK wp#d
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''