Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SonyAgent' = '<Full path to virus>'
- <Full path to virus>
- 'localhost':49206
- '17#.#9.50.194':80
- 'localhost':49203
- '46.##8.66.164':80
- 'localhost':49209
- '58.##.193.38':80
- 'localhost':49197
- '17#.#72.198.70':80
- 'localhost':49194
- '59.#7.45.75':80
- 'localhost':49200
- '77.##2.69.16':80
- '92.##.184.50':80
- '89.##0.226.26':80
- '93.#7.13.42':80
- '36.##.130.19':80
- '94.#7.77.16':80
- '11#.#33.168.13':80
- 'localhost':49215
- '21#.#8.180.34':80
- 'localhost':49212
- '94.##.106.11':80
- '77.##2.17.13':80
- '46.##8.76.109':80
- 'localhost':49170
- '21#.204.4.3':80
- 'localhost':49167
- '10#.#7.162.4':80
- 'localhost':49173
- '17#.#82.70.33':80
- 'localhost':49161
- '10#.#7.133.43':80
- 'localhost':49158
- '61.##.69.148':80
- 'localhost':49164
- '21#.8.43.38':80
- 'localhost':49188
- '21#.#28.143.82':80
- 'localhost':49185
- '20#.#6.78.14':80
- 'localhost':49191
- '11#.#3.166.211':80
- 'localhost':49179
- '17#.#9.180.34':80
- 'localhost':49176
- '95.#9.224.3':80
- 'localhost':49182
- '92.##.164.139':80
- 92.##.184.50/default.htm
- 89.##0.226.26/main.htm
- 11#.#33.168.13/login.htm
- 36.##.130.19/file.htm
- 94.#7.77.16/login.htm
- 17#.#82.70.33/main.htm
- 77.##2.17.13/main.htm
- 94.##.106.11/home.htm
- 17#.#9.180.34/start.htm
- 93.#7.13.42/file.htm