Техническая информация
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "<Полный путь к вирусу>"
- %APPDATA%\Roaming\Microsoft\SystemCertificates\My\Keys\F969DE111A5F5AA069E5A7ACF419AC88BAC00373
- %APPDATA%\Roaming\Microsoft\SystemCertificates\My\Certificates\2A3E8BDECE52F5E8732C48750835BC40D6486646
- %APPDATA%\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2832440558-3064306045-1455513625-1000\b5f2d0a80a4259629ab36a9eb7e26301_97c09787-6498-4b10-8f65-9471d842c55e
- DNS ASK sf.##mcb.com
- DNS ASK sf.##mcd.com
- DNS ASK crl.microsoft.com
- DNS ASK ap#.##tbrowse.com
- DNS ASK oc##.#erisign.com
- DNS ASK ct###.#indowsupdate.com
- DNS ASK crl.verisign.com
- DNS ASK dn#.##ftncsi.com
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''