Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AdobeworkConnections] 'Start' = '00000002'
- bdagent.exe
- %TEMP%\`.txt
- %TEMP%\`.dll
- %ALLUSERSPROFILE%\Application Data\12345.txt
- %ALLUSERSPROFILE%\Application Data\KB09234.exe
- %TEMP%\SSDt.exe
- %TEMP%\KB980
- %TEMP%\Loadlogging
- %ALLUSERSPROFILE%\Application Data\KB09770.exe
- %ALLUSERSPROFILE%\Application Data\KB09234.exe
- <Полный путь к вирусу>
- %TEMP%\Loadlogging
- %TEMP%\KB980
- 'w3####.localdomain':3
- 'w4####.localdomain':4
- 'et##.cable.nu':2976
- 'jh###.cable.nu':2976
- DNS ASK w3####.localdomain
- DNS ASK w4####.localdomain
- DNS ASK et##.cable.nu
- DNS ASK jh###.cable.nu