Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media' = '<SYSTEM32>\WmInit.exe'
- <SYSTEM32>\WmInit.exe "<Полный путь к вирусу>"
- <SYSTEM32>\WmInit.exe
- <SYSTEM32>\WmInit.dat
- '5.#.193.52':53108
- 't1###18190.info':53100
- 't1###18191.net':53100
- 't1###18191.org':53100
- '5.#.193.52':53106
- '5.#.193.52':53104
- '5.#.193.52':53100
- 't1###18190.net':53100
- '5.#.193.52':53109
- '5.#.193.52':53107
- DNS ASK t1###18191.org
- DNS ASK t1###18190.com
- DNS ASK t1###18191.net
- DNS ASK t1###18190.net
- DNS ASK t1###18190.info
- ClassName: 'SysListView32' WindowName: ''