Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Somefox' = '<Full path to the virus>'
- %TEMP%\a.exe
- %TEMP%\a.exe (downloaded from the Internet)
- ClassName: 'Indicator' WindowName: ''