Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\kjo23bk] 'Start' = '00000001'
- NtTerminateProcess, драйвер-обработчик: kjo23bk.dll
- NtOpenKey, драйвер-обработчик: kjo23bk.dll
- NtCreateKey, драйвер-обработчик: kjo23bk.dll
- %WINDIR%\kjo23bk.dll
- 'ma##.##uster-club.info':25
- '20#.#6.232.182':25
- 'il####verybody.kz':80
- '20#.#2.169.54':80
- 'il####verybody.tj':80
- '74.##5.232.51':80
- '20#.#2.169.15':80
- '74.##5.232.51':25
- 'ma##.aol.com':25
- '67.##5.160.76':25
- 20#.#2.169.15/nnn2
- 20#.#2.169.15/nnn1
- 20#.#2.169.54/login.php
- il####verybody.tj/login.php
- il####verybody.kz/login.php
- DNS ASK cl####r-club.info
- DNS ASK ma##.#icrosoft.com
- DNS ASK microsoft.com
- DNS ASK il####verybody.tj
- DNS ASK il####verybody.kz
- DNS ASK ma##.##uster-club.info
- DNS ASK ya##o.com
- DNS ASK ma##.google.com
- DNS ASK google.com
- DNS ASK ma##.aol.com
- DNS ASK ao#.com
- DNS ASK ma##.yahoo.com