Trojan.DownLoader33.11312

Добавлен в вирусную базу Dr.Web: 2020-03-04

Описание добавлено: 2020-03-08

Technical Information

Modifies file system

Creates the following files

%TEMP%\23255869137010234.jpg

Network activity

TCP

HTTP GET requests

http://ic###azip.com/
http://92.##.197.190/snd/n.txt
http://92.##.197.190/snd/1028.txt

'uc####.###l.protection.outlook.com':25

'mx###.##il.am0.yahoodns.net':25

'mx####.carrierzone.com':25

'mx##.m1bp.com':25

'ma###jh.35.com':25

'ma##.#ickelhost.com':25

'mx###.in-mx.net':25

'ma##.gaggle.net':25

'mx#.#ol.com.br':25

'xx#.com':25

'ye######.##il.protection.outlook.com':25

'sm####.laposte.net':25

'mx#.##stinger.hr':25

'sm####.vvv.facebook.com':25

'ip######.internode.on.net':25

'alt3.gmail-smtp-in.l.google.com':25

'us#######nbound-1.mimecast.com':25

'ma###.#ailinator.com':25

'mx#######701.gslb.pphosted.com':25

'mx####.##il.gm0.yahoodns.net':25

'mx#.##rthlink.net':25

'mx#####.#ail.gm0.yahoodns.net':25

'si#####l.everyone.net':25

'ff######x-vip1.prodigy.net':25

'cu####.cscdns.net':25

'ut########.mail.protection.outlook.com':25

'cl#######onitoringservices.com':25

'ff######x-vip2.prodigy.net':25

'pa####x.above.com':25

'alt1.aspmx.l.google.com':25

'aspmx.l.google.com':25

'ms#####.##c.protection.outlook.com':25

'mx#.#anmail.net':25

'mx.##.#tinternet.com':25

'mt##.##0.yahoodns.net':25

'mx.######mail.rediff.akadns.net':25

'mx.##obuh.com':25

UDP

DNS ASK ya##o.com
DNS ASK mx####.carrierzone.com
DNS ASK my###rpoint.net
DNS ASK mx.####rmathgamer.com
DNS ASK mx##.#indstream.net
DNS ASK 42#.com
DNS ASK wi###tream.net
DNS ASK mx#.#aver.com
DNS ASK na##r.com
DNS ASK 79##.com
DNS ASK 19##.com
DNS ASK 96##.com
DNS ASK 17##.com
DNS ASK af####athgamer.com
DNS ASK 62##.com
DNS ASK ro###unner.com
DNS ASK ho###ail.com
DNS ASK mx##.m1bp.com
DNS ASK 49##.com
DNS ASK ma##.#ickelhost.com
DNS ASK ho##ile.com
DNS ASK 92##.com
DNS ASK 74##.com
DNS ASK 29##.com
DNS ASK co#.net
DNS ASK ma###jh.35.com
DNS ASK cx#.##.#.cloudfilter.net
DNS ASK ju##l.com
DNS ASK br##non.net
DNS ASK pk#####.#sg.pkvw.co.charter.net
DNS ASK ma##.com
DNS ASK 84##.com
DNS ASK 73##.com
DNS ASK 28##.com
DNS ASK mx.##.##mail.iss.as9143.net
DNS ASK vi##in.net
DNS ASK tt##hoo.com
DNS ASK ad##.on.net
DNS ASK mx#######701.gslb.pphosted.com
DNS ASK mx.##.#tinternet.com
DNS ASK 66##.com
DNS ASK 88##.com
DNS ASK la##ste.net
DNS ASK 12##.com
DNS ASK ma###.#ailinator.com
DNS ASK uc.edu
DNS ASK ip######.internode.on.net
DNS ASK ig.#om.br
DNS ASK ai#.com
DNS ASK th#####estaurants.com
DNS ASK ma###nator.com
DNS ASK 07##.com
DNS ASK sm####.laposte.net
DNS ASK alt3.gmail-smtp-in.l.google.com
DNS ASK 35.com
DNS ASK uc####.###l.protection.outlook.com
DNS ASK st####ts.wwu.edu
DNS ASK ya###.com.sg
DNS ASK mx###.##il.am0.yahoodns.net
DNS ASK sk#.com
DNS ASK go###email.com
DNS ASK re###fnail.com
DNS ASK 45##.com
DNS ASK us#######nbound-1.mimecast.com
DNS ASK 31##.com
DNS ASK 20##.com
DNS ASK 97##.com
DNS ASK 01##.com
DNS ASK 80##.com
DNS ASK mx#.##.correio.biz
DNS ASK cl#######onitoringservices.com
DNS ASK 48##.com
DNS ASK a.#om
DNS ASK sm####.vvv.facebook.com
DNS ASK mx.##lktalk.net
DNS ASK mx#.##stinger.hr
DNS ASK fa###ook.com
DNS ASK dd#.com
DNS ASK ta###alk.net
DNS ASK cl###wire.net
DNS ASK my##cks.net
DNS ASK 69##.com
DNS ASK 75##.301cn.club
DNS ASK ye######.##il.protection.outlook.com
DNS ASK mx#.####497.c3s2.iphmx.com
DNS ASK og###tal.com
DNS ASK s.#om
DNS ASK fs#.com
DNS ASK mx.##obuh.com
DNS ASK zo##uh.com
DNS ASK ut########.mail.protection.outlook.com
DNS ASK ut##sa.edu
DNS ASK fr###hal.com
DNS ASK is####uyahoo.com
DNS ASK wa##a.com
DNS ASK 30##.com
DNS ASK co######on.namebright.com
DNS ASK mx.###rysoft.com
DNS ASK mx.##bleone.net
DNS ASK ma###dfsdf.com
DNS ASK ca###one.net
DNS ASK av###soft.com
DNS ASK le##.edu
DNS ASK ya##.com
DNS ASK ye##.com
DNS ASK ey##s.net
DNS ASK 89##.com
DNS ASK 65##.com
DNS ASK ya##oo.com
DNS ASK bo#.com.br
DNS ASK bp###ail.com
DNS ASK 22##.com
DNS ASK 51##.com
DNS ASK mx#.#ol.com.br
DNS ASK ex##te.com
DNS ASK hi###rytech.net
DNS ASK ci###.rr.com
DNS ASK ma##.gaggle.net
DNS ASK ga##le.net
DNS ASK tw###.rr.com
DNS ASK fm###.mycci.net
DNS ASK 27##.com
DNS ASK yo##oo.com
DNS ASK ya###.com.br
DNS ASK
DNS ASK my##ace.com
DNS ASK fs##il.net
DNS ASK fw.#####rwardingservice.com
DNS ASK yh##.com
DNS ASK jk###kjsd.com
DNS ASK 87##.com
DNS ASK xx#.com
DNS ASK ma#######xcite.roc2.bluetie.com
DNS ASK 13##.com
DNS ASK bf##ds.com
DNS ASK 76##.com
DNS ASK 57##.com
DNS ASK mx##.##il.icloud.com
DNS ASK me.com
DNS ASK ya###o.com.br
DNS ASK bt###ernet.com
DNS ASK me#.com
DNS ASK 35##.com
DNS ASK bi##ond.com
DNS ASK cu####.cscdns.net
DNS ASK mx#.#mpal.com
DNS ASK ro##.com
DNS ASK em##s.com
DNS ASK ex####l.bigpond.com
DNS ASK ma######e1.secureserver.net
DNS ASK ym##l.com
DNS ASK 85##.com
DNS ASK 82##.com
DNS ASK 15##.com
DNS ASK 43##.com
DNS ASK 06##.com
DNS ASK lu#.com
DNS ASK 91##.com
DNS ASK sb###obal.net
DNS ASK 18##.com
DNS ASK 81##.com
DNS ASK 02##.com
DNS ASK 77##.com
DNS ASK 52##.com
DNS ASK 60##.com
DNS ASK ya###.com.mx
DNS ASK pe###epc.com
DNS ASK 83##.com
DNS ASK fa#.#arvard.edu
DNS ASK 11##.com
DNS ASK ya#.com
DNS ASK ff######x-vip1.prodigy.net
DNS ASK mx######71101.pphosted.com
DNS ASK 23##.com
DNS ASK 53##.com
DNS ASK 98##.com
DNS ASK 40##.com
DNS ASK ho##ai.com
DNS ASK 04##.com
DNS ASK te#####.#ommandersofevony.com
DNS ASK mt##.##0.yahoodns.net
DNS ASK ic###azip.com
DNS ASK sm####ape.org.za
DNS ASK 32#.com
DNS ASK 44##.com
DNS ASK ma##.##artcape.org.za
DNS ASK co##ast.net
DNS ASK mx#####.#ail.gm0.yahoodns.net
DNS ASK mx#.#omcast.net
DNS ASK ao#.com
DNS ASK ve##zon.net
DNS ASK mx####.##il.gm0.yahoodns.net
DNS ASK mx#.321.com
DNS ASK 94##.com
DNS ASK 99##.com
DNS ASK wo##ay.com
DNS ASK 50##.com
DNS ASK 33##.com
DNS ASK mx.##wway.com
DNS ASK 95##.com
DNS ASK ho##il.com
DNS ASK 75##.com
DNS ASK 26##.com
DNS ASK ea###link.net
DNS ASK ya###.com.hk
DNS ASK 39##.com
DNS ASK si#####l.everyone.net
DNS ASK 36##.com
DNS ASK mx#.##rthlink.net
DNS ASK pu###ity.com
DNS ASK 54##.com
DNS ASK 71##.com
DNS ASK 25##.com
DNS ASK IT######Agent04.astate.edu
DNS ASK mx#.qq.com
DNS ASK alt1.aspmx.l.google.com
DNS ASK sm###.astate.edu
DNS ASK 58##.com
DNS ASK ti#.com
DNS ASK 08##.com
DNS ASK 61##.com
DNS ASK 64##.com
DNS ASK pa####x.above.com
DNS ASK qq.com
DNS ASK bi###und.net.au
DNS ASK as##.#inet.net.au
DNS ASK oz###il.com.au
DNS ASK lu###nka.com
DNS ASK 78##.com
DNS ASK gi###gooic.com
DNS ASK 34##.com
DNS ASK ha##ail.net
DNS ASK 09##.com
DNS ASK be###outh.net
DNS ASK ms#####.##c.protection.outlook.com
DNS ASK MS#.com
DNS ASK fl#.com
DNS ASK mx#.#anmail.net
DNS ASK 32##.com
DNS ASK 03##.com
DNS ASK 00##.com
DNS ASK ac###ntant.com
DNS ASK aspmx.l.google.com
DNS ASK ca##.com
DNS ASK 14##.com
DNS ASK 41##.com
DNS ASK mx##.mail.com
DNS ASK le##hc.com
DNS ASK na##.com
DNS ASK gm#.com
DNS ASK at#.net
DNS ASK 16##.com
DNS ASK 46##.com
DNS ASK 05##.com
DNS ASK 47##.com
DNS ASK 68##.com
DNS ASK mx##.gmx.net
DNS ASK 67##.com
DNS ASK ho##ail.com
DNS ASK 72##.com
DNS ASK re###fmail.com
DNS ASK ro###tmail.com
DNS ASK 59##.com
DNS ASK mx.######mail.rediff.akadns.net
DNS ASK ff######x-vip2.prodigy.net
DNS ASK ya###.com.au
DNS ASK 90##.com
DNS ASK 38##.com
DNS ASK mx###.in-mx.net
DNS ASK ex###ink.com
DNS ASK mx#.#harter.net
DNS ASK ch##ter.net
DNS ASK 56##.com
DNS ASK 70##.com
DNS ASK 24##.com
DNS ASK 42##.com
DNS ASK yo.com
DNS ASK 55##.com
DNS ASK 93##.com
DNS ASK 21##.com
DNS ASK 10##.com
DNS ASK 63##.com
DNS ASK 86##.com
DNS ASK fs##.com

Технологии

Термины

Обучение и просвещение

Мифы

Technical Information

Рекомендации по лечению

Демо бесплатно на 14 дней