Техническая информация
- [<HKLM>\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] '' = '"<Полный путь к вирусу>" -a "%PROGRAM_FILES%\Internet Explorer\iexplore.exe"'
- %TEMP%\j22yh77uyea5n11afn3lklse74838ceio
- %HOMEPATH%\Templates\j22yh77uyea5n11afn3lklse74838ceio
- <LS_APPDATA>\j22yh77uyea5n11afn3lklse74838ceio
- %ALLUSERSPROFILE%\Application Data\j22yh77uyea5n11afn3lklse74838ceio
- 'qi####zeficu.com':80
- 'wo####bakuxak.com':80
- DNS ASK qi####zeficu.com
- DNS ASK wo####bakuxak.com
- '<IP-адрес в локальной сети>':1037
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'msascui_class' WindowName: ''