Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Полный путь к вирусу>' = '<Полный путь к вирусу>:*:Enabled:MP3 Converter'
- %TEMP%\is799009782\949666361.cfg
- %TEMP%\is799009782\607685322.cfg
- %TEMP%\is799009782\1298284803.cfg
- %TEMP%\is799009782\598285341.cfg
- 'eu####.nbeshine.com':80
- 'us####.nbeshine.com':80
- 'go###.wakechao.com':80
- eu####.nbeshine.com/Bund/Babylon/Babylon8_setup_15627.cis
- eu####.nbeshine.com/Prod/AudioConverter1.1.cis
- us####.nbeshine.com/Bund/Babylon/Babylon8_setup_15627.cis
- go###.wakechao.com/vscript/utils/IP2CC.psc
- us####.nbeshine.com/Prod/AudioConverter1.1.cis
- go###.wakechao.com/vscript/vercheck.psc?pc#############
- DNS ASK eu####.nbeshine.com
- DNS ASK us####.nbeshine.com
- DNS ASK go###.wakechao.com
- ClassName: 'Shell_TrayWnd' WindowName: ''