Техническая информация
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\cscript.exe
- %WINDIR%\ijjdw.fjy
- %WINDIR%\ijjdw.fjy
- %WINDIR%\ijjdw.fjy
- из <Полный путь к вирусу> в %TEMP%\1.tmp
- '13#.#18.139.180':33816
- '49.##4.155.214':33816
- '18#.#23.220.235':33816
- '98.##6.243.225':33816
- '78.##.193.228':33816
- '18#.#67.248.215':33816
- '2.#.41.235':33816
- '10#.#08.163.5':33816
- '84.##1.213.31':33816
- '21#.#1.115.126':33816
- '79.##.215.51':33816
- '18#.#88.155.206':33816
- '19#.#11.113.90':33816
- '18#.#35.78.183':33816
- '20#.#11.228.90':33816
- DNS ASK lo####ollyboobs.biz
- DNS ASK microsoft.com
- DNS ASK google.com