Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\BrowserSys] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\Com\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- <SYSTEM32>\Com\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- from <Full path to virus> to <Full path to virus>1
- 'gl###ss-map.com':80
- '88.##8.184.241':443
- gl###ss-map.com/AppnaYclWVP9yG0EkXCeh9YsU3BjhlrV9iNQlXuzjS.iqPK31x2xuKxO45owkjuQmy7xEaWnfMRlYzusYZPAe0AKd7fq0KeBY1pI73bDIOJMk9xHARIn652XnY/a4Xz2K.sDdPGs-.shtml
- gl###ss-map.com/fxRLYPJUGFZoDjy/6.slP5rkiqnhubbEtHBjTinP.QOL1oiQwf3DD1vNcJjMI.cgi?Zn###########################################
- DNS ASK gl###ss-map.com
- ClassName: ' ?' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '??' WindowName: ''
- ClassName: '?6C' WindowName: ''
- ClassName: ' 7C' WindowName: ''