Техническая информация
- '%WINDIR%\pchealth\0727\kkkv3.exe'
- '<SYSTEM32>\taskkill.exe' /f /im cuia.exe
- '<SYSTEM32>\xcopy.exe' 1.txt <DRIVERS>\etc\ /y
- '<SYSTEM32>\wscript.exe' "%WINDIR%\pchealth\0727\1.vbs"
- '<SYSTEM32>\taskkill.exe' /f /im csuperm.exe
- %WINDIR%\pchealth\0727\kkkv3.exe
- <DRIVERS>\etc\1.txt
- %WINDIR%\pchealth\0727\0727.bat
- %WINDIR%\pchealth\0727\1.txt
- %WINDIR%\pchealth\0727\1.vbs
- <DRIVERS>\etc\1.txt в <DRIVERS>\etc\hosts.ics
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'