Technical Information
- [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'TaskMan' = '%APPDATA%\AstralToolBox\astraltoolbox.exe'
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1400' = '00000003'
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1C00' = '00000000'
- %APPDATA%\1c\price_1c.xls
- %APPDATA%\astraltoolbox\libeay32.dll
- %APPDATA%\astraltoolbox\ssleay32.dll
- %APPDATA%\astraltoolbox\astraltoolbox.exe
- %APPDATA%\astraltoolbox\id.log
- 'as####box.my1.ru':80
- 'uc#z.ru':443
- 'as####box.my1.ru':443
- http://as####box.my1.ru/1/price_1c.log
- http://as####box.my1.ru/1/libeay32.log
- http://as####box.my1.ru/1/ssleay32.log
- http://as####box.my1.ru/1/astraltoolbox.log
- 'uc#z.ru':443
- 'as####box.my1.ru':443
- DNS ASK as####box.my1.ru
- DNS ASK uc#z.ru
- '%APPDATA%\astraltoolbox\astraltoolbox.exe'
- '%ProgramFiles%\microsoft office\office14\excel.exe' /dde