Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wminit' = '%CommonProgramFiles%\System\wminit.exe'
- %CommonProgramFiles%\System\wminit.exe "<Полный путь к вирусу>"
- %CommonProgramFiles%\System\wminit.exe
- %CommonProgramFiles%\System\wminit.dat
- '20#.#69.186.28':35112
- '20#.#69.186.28':35105
- 'te####09909.info':7900
- 'te####29405.info':7900
- '20#.#69.186.28':35107
- '20#.#69.186.28':35100
- '20#.#69.186.28':35111
- '20#.#69.186.28':35101
- '20#.#69.186.28':35102
- '20#.#69.186.28':35108
- '20#.#69.186.28':35110
- '20#.#69.186.28':35115
- '20#.#69.186.28':35114
- 's9###599.info':7900
- DNS ASK te####29405.info
- DNS ASK te####26555.info
- DNS ASK s9###599.info
- DNS ASK te####09909.info