Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wminit' = '%CommonProgramFiles%\System\wminit.exe'
- %CommonProgramFiles%\System\wminit.exe "<Полный путь к вирусу>"
- %CommonProgramFiles%\System\wminit.exe
- %CommonProgramFiles%\System\wminit.dat
- '17#.#08.133.202':35113
- '17#.#08.133.202':35110
- '17#.#08.133.202':35112
- '17#.#08.133.202':35114
- 'te###90909.info':7900
- '17#.#08.133.202':35104
- 'te####99977.info':7900
- '17#.#08.133.202':35109
- '17#.#08.133.202':35105
- '17#.#08.133.202':35115
- 'te####29405.info':7900
- 'ma###23450.info':7900
- 'mt###15055.info':7900
- '17#.#08.133.202':35108
- '17#.#08.133.202':35102
- '17#.#08.133.202':35111
- 'ne####d7900.info':7900
- 's9###599.info':7900
- '17#.#08.133.202':35107
- '17#.#08.133.202':35103
- '17#.#08.133.202':35100
- '17#.#08.133.202':35106
- DNS ASK te###90909.info
- DNS ASK te####29405.info
- DNS ASK te####99977.info
- DNS ASK s9###599.info
- DNS ASK ma###23450.info
- DNS ASK mt###15055.info
- DNS ASK ne####d7900.info