Техническая информация
- %WINDIR%\ime\630\rar.exe e -y -ping %WINDIR%\ime\630\11.rar %WINDIR%\ime\630\ e -y -ping %WINDIR%\ime\630\ok.rar "%PROGRAM_FILES%\baidu\630\"
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\cf76b75569b433bff0fdac722f652c9f.dat""
- <SYSTEM32>\cacls.exe ""%HOMEPATH%\Local Settings\Temp"" /T /P everyone:F
- <SYSTEM32>\cacls.exe "%TEMP%\cf76b75569b433bff0fdac722f652c9f.dat" /T /P everyone:N
- <SYSTEM32>\cacls.exe ""%TEMP%\cf76b75569b433bff0fdac722f652c9f.dat"" /T /P everyone:N
- <SYSTEM32>\wscript.exe %WINDIR%\ime\630\11.vbs //B
- <SYSTEM32>\cmd.exe /c %WINDIR%\11a.bat
- <SYSTEM32>\cmd.exe /c %WINDIR%\ime\630\125.bat
- <SYSTEM32>\ping.exe 127.0.0.1 -n 2
- <SYSTEM32>\taskkill.exe /f /t /im ksafetray.exe
- %WINDIR%\ime\630\ji.bat
- %WINDIR%\ime\630\ab.bat
- %WINDIR%\ime\630\123.bat
- %WINDIR%\ime\630\123.txt
- %WINDIR%\ime\630\111.reg
- %WINDIR%\ime\630\11.vbs
- %WINDIR%\ime\630\11.txt
- %WINDIR%\ime\630\22.txt
- %WINDIR%\ime\630\ok.rar
- %WINDIR%\ime\630\125.bat
- %WINDIR%\ime\630\rar.exe
- %WINDIR%\ime\630\11.rar
- %PROGRAM_FILES%\baidu\630\csiss.txt
- %PROGRAM_FILES%\baidu\630\csiss.exe
- %WINDIR%\11a.bat
- %WINDIR%\ime\630\md5.txt
- %WINDIR%\ime\630\11.txt
- %WINDIR%\ime\630\11.vbs
- %PROGRAM_FILES%\baidu\630\csiss.txt
- '11#.#86.75.195':3721
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''