Техническая информация
- <Полный путь к вирусу>
- 'www.so##.com':80
- 'b.###ne.qq.com':80
- www.so##.com/tb.q?ci##################
- b.###ne.qq.com/cgi-bin/blognew/blog_output_data?ui#############################
- DNS ASK www.so##.com
- DNS ASK b.###ne.qq.com
- ClassName: '#32770' WindowName: 'RL!dePacker - Generic Unpacker'
- ClassName: 'ThunderRT6FormDC' WindowName: '??????????'
- ClassName: 'NoLoVeR' WindowName: 'NoLoVeR - [CPU]'
- ClassName: '1212121' WindowName: 'OllyICE - [CPU]'
- ClassName: 'TForm1' WindowName: '????????????????'
- ClassName: 'TMainForm' WindowName: 'vzl 1.0'
- ClassName: 'TFrmMain' WindowName: '???????? V0.6 Beta Build 0306'
- ClassName: 'WTWindow' WindowName: '?????????? [2011-02-10] ( ?????? )( ?????? )'
- ClassName: 'TForm1' WindowName: '?????????????? v 2.0 By ZzAge[LCG]'
- ClassName: '#32770' WindowName: 'Jiack??????'
- ClassName: 'TForm1' WindowName: 'Exeinfo PE - ver.0.0.2.4 by A.S.L - 514 sign 2009.06.10'
- ClassName: '(null)' WindowName: 'CE.exe'
- ClassName: '(null)' WindowName: 'OD.exe'
- ClassName: 'TForm1' WindowName: 'Exeinfo PE - ver.0.0.2.1 by A.S.L - 450 sign 2008.11.05'
- ClassName: 'Jiack ' WindowName: 'Jiack - [LCG]'
- ClassName: 'Jiack ' WindowName: 'Jiack '
- ClassName: 'TForm1' WindowName: 'Exeinfo PE - ver.0.0.2.7 by A.S.L - 564 sign 2010.03.26'
- ClassName: 'TForm1' WindowName: 'Exeinfo PE - ver.0.0.2.9 by A.S.L - 609 sign 2011.07.29'