Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adobe Reader 2.0' = '%APPDATA%\imeac.exe s'
- <SYSTEM32>\svchost.exe
- %APPDATA%\imeac.exe
- %TEMP%\1.tmp
- 'ta#####ree.xxxy.info':80
- 'ta###i.ocry.com':1863
- 'ta###i.ocry.com':443
- 'ta#####ree.xxxy.info':1863
- 'ta#####ree.xxxy.info':443
- 'ta#####ree.xxxy.info':8080
- 'ti####ee.hopto.org':443
- 'ti####ee.hopto.org':8080
- 'ti####ee.hopto.org':80
- 'ta###i.ocry.com':8080
- 'ta###i.ocry.com':80
- 'ti####ee.hopto.org':1863
- ta#####ree.xxxy.info/View?id################
- ta###i.ocry.com/View?id################
- ti####ee.hopto.org/View?id################
- DNS ASK ta###i.ocry.com
- DNS ASK ta#####ree.xxxy.info
- DNS ASK ti####ee.hopto.org
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Indicator' WindowName: ''