Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360safe' = '<SYSTEM32>\<Имя вируса>.exe'
- %TEMP%\E_N4\internet.fne
- %TEMP%\E_N4\spec.fne
- %TEMP%\E_N4\shell.fne
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\E_N4\eAPI.fne
- 'www.so##60.com':80
- '12#.#25.114.144':80
- www.so##60.com/tongji/tongji.asp?pu##################################
- www.so##60.com/wb/tian.txt
- 12#.#25.114.144/
- DNS ASK www.so##60.com
- DNS ASK www.ba##u.com