Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'debug02.exe' = '<SYSTEM32>\debug02.exe'
- <SYSTEM32>\debug02.exe
- <SYSTEM32>\debug01.exe
- <SYSTEM32>\debug.ini
- <SYSTEM32>\debug2.ini
- <SYSTEM32>\debug01.exe
- <SYSTEM32>\debug02.exe
- '12#.#28.206.8':13
- 'ba##.#zone.qq.com':80
- ba##.#zone.qq.com/fcg-bin/cgi_get_portrait.fcg?ui#############
- DNS ASK ba##.#zone.qq.com
- ClassName: '' WindowName: '<Имя вируса>.exe'
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'debug01.exe'
- ClassName: '' WindowName: 'debug02.exe'