Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'stoner' = '<SYSTEM32>\winsvcx.exe'
- '<SYSTEM32>\winsvcx.exe' --fu <LS_APPDATA>\crak.exe
- '<SYSTEM32>\winsvcx.exe'
- '<LS_APPDATA>\keygen.exe'
- '<LS_APPDATA>\crak.exe'
- <SYSTEM32>\winsvcx.exe
- <LS_APPDATA>\crak.exe
- <LS_APPDATA>\keygen.exe
- 'mi#####it.servebeer.com':6667
- 'ir#.##tstopchat.com':6667
- DNS ASK mi#####it.servebeer.com
- DNS ASK ir#.##tstopchat.com
- ClassName: '(null)' WindowName: 'BitDefender Firewall Alert'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'ZoneAlarm Security Alert'
- ClassName: '(null)' WindowName: 'Windows Security Alert'