Trojan.Starman.5586

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe

Сетевая активность:

Подключается к:

'62.##.143.21':139
'62.##.213.146':139
'62.##.152.186':139
'62.##.252.122':139
'62.#5.70.40':139
'62.##.163.80':139
'62.#5.6.79':139
'62.#5.74.21':139
'62.##.245.200':139
'62.#5.77.91':139
'62.#5.151.1':139
'62.##.243.250':139
'62.##.156.131':139
'62.##.100.251':139
'62.##.216.243':139
'62.##.217.11':139
'62.##.36.208':139
'62.##.218.124':139
'62.#5.2.79':139
'62.##.191.156':139
'62.##.151.96':139
'62.##.237.159':445
'62.##.191.96':445
'62.##.159.174':445
'62.##.138.62':445
'62.##.165.89':445
'62.##.217.11':445
'62.##.100.251':445
'62.##.216.243':445
'62.##.79.239':445
'62.##.243.127':445
'62.#5.106.7':445
'62.#5.1.29':445
'62.##.35.229':445
'62.##.171.233':139
'62.##.167.53':139
'62.#5.84.84':139
'62.#5.1.158':445
'62.#5.11.67':445
'62.##.158.88':445
'62.##.184.233':445
'62.##.120.191':445
'62.##.29.243':139
'62.##.152.24':445
'62.##.243.37':139
'62.#5.82.97':139
'62.#5.37.96':139
'62.##.139.176':445
'62.##.97.137':445
'62.##.115.245':445
'62.##.53.246':445
'62.##.193.184':445
'62.##.177.15':139
'62.##.152.24':139
'62.##.53.246':139
'62.#5.72.55':445
'62.#5.94.86':445
'62.##.123.94':445
'62.##.97.137':139
'62.##.243.238':139
'62.##.139.176':139
'62.##.193.184':139
'62.##.115.245':139
'62.##.138.62':139
'62.##.165.89':139
'62.#5.106.7':139
'62.#5.1.158':139
'62.#5.11.67':139
'62.##.79.239':139
'62.##.243.127':139
'62.##.191.96':139
'62.##.159.174':139
'62.##.237.159':139
'62.##.158.88':139
'62.#5.37.96':445
'62.##.243.37':445
'62.#5.82.97':445
'62.##.243.238':445
'62.##.177.15':445
'62.##.184.233':139
'62.##.120.191':139
'62.##.35.229':139
'62.##.29.243':445
'62.#5.1.29':139
'62.##.115.139':139
'62.##.205.160':139
'62.##.25.111':139
'62.##.245.25':139
'62.##.69.216':139
'62.##.13.173':139
'62.##.252.217':139
'62.#5.95.86':139
'62.##.11.123':139
'62.##.232.12':139
'62.##.184.33':139
'62.#5.98.89':139
'62.##.193.199':139
'62.#5.98.32':445
'62.##.83.139':445
'62.##.76.195':445
'62.##.158.149':139
'62.##.121.179':139
'62.##.60.219':139
'62.#5.58.91':139
'62.#5.27.84':139
'62.##.125.240':139
'62.##.219.125':139
'62.#5.4.71':139
'62.#5.10.22':139
'62.##.128.142':139
'62.##.130.40':139
'62.##.150.87':139
'62.##.158.25':139
'62.##.215.154':139
'62.#5.25.99':139
'62.#5.1.245':139
'62.##.171.144':139
'62.##.73.191':139
'62.##.104.149':139
'62.#5.21.31':139
'62.##.177.208':139
'62.##.87.205':139
'62.##.176.125':139
'62.#5.60.64':139
'62.##.134.221':139
'62.##.128.47':139
'62.#5.77.91':445
'62.#5.74.21':445
'62.##.245.200':445
'62.##.143.21':445
'62.##.213.146':445
'62.#5.84.84':445
'62.##.171.233':445
'62.##.167.53':445
'62.##.163.80':445
'62.#5.6.79':445
'62.##.152.186':445
'62.##.151.96':445
'62.#5.2.79':445
'62.##.191.156':445
'62.##.243.250':445
'62.##.156.131':445
'62.##.252.122':445
'62.#5.70.40':445
'62.#5.151.1':445
'62.##.36.208':445
'62.##.218.124':445
'62.##.139.58':445
'62.##.30.128':445
'62.##.37.245':445
'62.#5.98.32':139
'62.#5.13.19':445
'62.##.16.194':445
'62.##.72.120':445
'62.##.49.206':445
'62.##.13.144':445
'62.##.207.13':445
'62.##.76.195':139
'62.##.30.128':139
'62.##.13.144':139
'62.##.139.58':139
'62.#5.13.19':139
'62.##.37.245':139
'62.##.72.120':139
'62.##.83.139':139
'62.##.16.194':139
'62.##.207.13':139
'62.##.49.206':139
'62.##.53.120':445
'62.#5.95.60':445
'62.##.135.210':445
'62.#5.44.34':445
'62.#5.31.79':445
'62.##.207.72':445
'62.##.136.68':445
'62.##.79.121':445
'62.#5.54.54':445
'62.##.63.113':445
'62.##.120.95':445
'62.##.180.34':139
'62.#5.1.141':139
'62.##.73.190':139
'62.##.22.121':139
'62.##.190.22':139
'62.##.194.122':139
'62.##.105.99':445
'62.##.144.119':139
'62.#5.18.60':139
'62.##.184.200':139
'62.##.72.173':445
'62.##.43.214':445
'62.##.182.59':445
'62.##.42.204':445
'62.#5.12.49':445
'62.##.144.60':445
'62.##.137.78':445
'62.##.90.247':445
'62.##.110.213':445
'62.##.248.11':445
'62.#5.177.7':445
'62.##.188.182':445
'62.##.34.131':445
'62.##.226.193':445
'62.##.196.192':445
'62.##.160.136':445
'62.#5.95.76':445
'62.#5.84.6':445
'62.##.33.131':445
'62.##.221.221':445
'62.##.26.235':445
'62.##.226.193':139
'62.##.188.182':139
'62.##.160.136':139
'62.##.136.68':139
'62.##.196.192':139
'62.##.33.131':139
'62.#5.95.76':139
'62.##.26.235':139
'62.##.34.131':139
'62.##.221.221':139
'62.##.207.72':139
'62.#5.31.79':139
'62.##.135.210':139
'62.##.105.99':139
'62.#5.44.34':139
'62.#5.95.60':139
'62.##.63.113':139
'62.##.79.121':139
'62.#5.54.54':139
'62.##.120.95':139
'62.##.53.120':139
'62.##.237.207':139
'62.##.39.219':139
'62.##.176.238':139
'62.##.137.78':139
'62.##.238.155':139
'62.##.12.233':139
'62.##.120.247':139
'62.##.148.53':139
'62.##.40.142':139
'62.##.137.248':139
'62.##.144.60':139
'62.#5.12.49':139
'62.##.182.59':139
'62.##.42.204':139
'62.#5.84.6':139
'62.#5.177.7':139
'62.##.248.11':139
'62.##.90.247':139
'62.##.110.213':139
'62.##.72.173':139
'62.##.43.214':139
'62.##.123.94':139
'62.#5.72.55':139
'62.#5.94.86':139
'62.##.113.231':139
'62.#5.45.68':139
'62.##.21.101':445
'62.#5.69.21':445
'62.##.101.114':445
'62.#5.3.235':445
'62.##.114.19':445
'62.#5.2.177':139
'62.##.83.141':139
'62.##.134.46':139
'62.##.10.182':139
'62.##.166.222':139
'62.##.110.240':139
'62.#5.57.21':139
'62.##.130.56':139
'62.##.247.90':139
'62.##.160.20':139
'62.##.234.228':139
'62.##.234.228':445
'62.##.247.90':445
'62.##.160.20':445
'62.##.83.141':445
'62.##.134.46':445
'62.##.113.231':445
'62.#5.45.68':445
'62.#5.2.177':445
'62.#5.57.21':445
'62.##.130.56':445
'62.##.10.182':445
'62.##.207.58':445
'62.#5.97.42':445
'62.##.75.216':445
'62.##.100.74':445
'62.##.199.252':445
'62.##.166.222':445
'62.##.110.240':445
'62.##.15.218':445
'62.##.110.221':445
'62.##.115.222':445
'62.#5.18.60':445
'62.##.184.200':445
'62.#5.1.141':445
'62.##.73.190':445
'62.##.180.34':445
'62.##.135.210':9988
'62.##.160.136':9988
'62.#5.44.34':9988
'62.##.144.119':445
'62.##.194.122':445
'62.##.190.22':445
'62.##.39.219':445
'62.##.40.142':445
'62.##.237.207':445
'62.##.238.155':445
'62.##.176.238':445
'62.##.120.247':445
'62.##.22.121':445
'62.##.12.233':445
'62.##.137.248':445
'62.##.148.53':445
'62.##.199.252':139
'62.##.75.216':139
'62.##.100.74':139
'62.##.21.101':139
'62.#5.69.21':139
'62.##.115.222':139
'62.##.15.218':139
'62.##.110.221':139
'62.##.207.58':139
'62.#5.97.42':139
'62.##.101.114':139
'62.##.110.213':9988
'62.##.248.11':9988
'62.##.33.131':9988
'62.##.226.193':9988
'62.##.188.182':9988
'62.#5.3.235':139
'62.##.114.19':139
'62.##.39.219':9988
'62.##.144.60':9988
'62.##.176.238':9988

Технології

Терміни

Навчання

Міфи

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней