25.02.2013, 20:08
Tia GEO-SYSTEM,GeoUpdate
Kod:
[ Network services ]
* Queries DNS "geoupdate.igeomap.pl".
* Queries DNS "pop.googlemail.com".
* C:\Users\tachion\Desktop\malware\GenVariant.Symmi\GenVariant.Symmi\geoupdate.exe Connects to "62.129.234.189" on port 80 (TCP - HTTP).
* Downloads file from "geoupdate.igeomap.pl/GeoUpdate/ModulesList.gum".
* Downloads file from "geoupdate.igeomap.pl/GeoUpdate/Update.ver".
* Downloads file from "geoupdate.igeomap.pl/GeoUpdate/geo-map.gud".