Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- ClassName: 'OLLYDBG' WindowName: ''
- %TEMP%\BIT4.tmp
- %TEMP%\BIT5.tmp
- %TEMP%\BIT6.tmp
- %TEMP%\BIT1.tmp
- %TEMP%\BIT2.tmp
- %TEMP%\BIT3.tmp
- %TEMP%\1478760096
- %TEMP%\1478760103
- %TEMP%\1478760108
- %TEMP%\1478760015
- %TEMP%\1478760058
- %TEMP%\1478760073
- %TEMP%\BIT4.tmp в %TEMP%\1478760096
- %TEMP%\BIT5.tmp в %TEMP%\1478760103
- %TEMP%\BIT6.tmp в %TEMP%\1478760108
- %TEMP%\BIT1.tmp в %TEMP%\1478760015
- %TEMP%\BIT2.tmp в %TEMP%\1478760058
- %TEMP%\BIT3.tmp в %TEMP%\1478760073
- 'ne####ringsite.com':80
- 'localhost':1046
- 'localhost':1051
- 'localhost':1053
- 'localhost':1052
- 'localhost':1042
- 'wp#d':80
- 'th####sharing.com':80
- 'ne###arings.com':80
- 'localhost':1044
- http://ne###arings.com/gettasks2.php?pr################################################################
- http://ne####ringsite.com/gettasks2.php?pr################################################################
- http://11#.#11.111.1/wpad.dat via wp#d
- http://th####sharing.com/gettasks2.php?pr################################################################
- DNS ASK ne###arings.com
- DNS ASK ne####ringsite.com
- DNS ASK wp#d
- DNS ASK th####sharing.com