Техническая информация
- '<SYSTEM32>\schtasks.exe' /create /sc onlogon /tn "Client" /rl highest /tr "'%ProgramFiles%\Client\svhoste.exe' /startup" /f
- '%TEMP%\run.exe'
- '%TEMP%\cra.exe'
- <SYSTEM32>\svchost.exe
- %TEMP%\run.exe
- %ProgramFiles%\Client\svhoste.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\cra.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- 'li###2.ddns.net':7777
- DNS ASK li###2.ddns.net
- ClassName: 'Shell_TrayWnd' WindowName: ''