Техническая информация
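- Автозапуск через значение 'shell' раздела Winlogon: файл из %APPDATA% указан перед explorer.exe и запускается при входе пользователя в систему (в <HKCU> этого значения по умолчанию обычно нет, поэтому его появление стоит проверять):
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '%APPDATA%\dbu32.ocx,explorer.exe'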
- '<SYSTEM32>\svchost.exe'
- %WINDIR%\ppgoiu.npw
- %APPDATA%\dbu32.ocx
- %ALLUSERSPROFILE%\Application Data\shqm\xpnet.rud
- %WINDIR%\aazpq.kab
- <Полный путь к файлу> в %TEMP%\1.tmp
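- Сетевые адреса, порт 80 (символы # заменяют скрытые части имён, поэтому записи не годятся для точного сопоставления):
- 'sf##bj.biz':80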
- 'll###pnyqks.com':80
- 'wz##ok.ru':80
- 'cd###mvbnt.net':80
- 'zw##cz.net':80
- 'dg###mzl.net':80
- 'gi###cym.org':80
- 'er##ud.ru':80
- 'cn##pg.biz':80
- 'js##vb.biz':80
- 'yi###yhhw.org':80
- 'qy##ubi.biz':80
- 'ea###tvm.org':80
- 'ca###bhw.biz':80
- 'de###vbvhar.org':80
- 'by###vmgc.info':80
- 'ge###atsp.ru':80
- 'cj##nyg.biz':80
- 'qr####cglic.info':80
- 'qo###aeybr.net':80
- 'ma###yp.info':80
- 'jt###yunnvz.ru':80
- 'hx####euelj.info':80
- 'tw###mlcru.com':80
- 'nn##wr.net':80
- DNS ASK dg###mzl.net
- DNS ASK sf##bj.biz
- DNS ASK ll###pnyqks.com
- DNS ASK ea###tvm.org
- DNS ASK cd###mvbnt.net
- DNS ASK zw##cz.net
- DNS ASK wz##ok.ru
- DNS ASK gi###cym.org
- DNS ASK er##ud.ru
- DNS ASK cn##pg.biz
- DNS ASK js##vb.biz
- DNS ASK yi###yhhw.org
- DNS ASK qy##ubi.biz
- DNS ASK qr####cglic.info
- DNS ASK ca###bhw.biz
- DNS ASK de###vbvhar.org
- DNS ASK microsoft.com (легитимный домен; сам по себе индикатором заражения не является)
- DNS ASK ge###atsp.ru
- DNS ASK cj##nyg.biz
- DNS ASK by###vmgc.info
- DNS ASK qo###aeybr.net
- DNS ASK ma###yp.info
- DNS ASK jt###yunnvz.ru
- DNS ASK hx####euelj.info
- DNS ASK tw###mlcru.com
- DNS ASK nn##wr.net
- ClassName: '58934' WindowName: '4930'