Техническая информация
- [<HKLM>\SOFTWARE\Classes\.bat] '' = '.scr'
- [<HKLM>\SOFTWARE\Classes\.com] '' = '.gif'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = '.txt'
- '<SYSTEM32>\rundll32.exe' shell32.dll,Activate_RunDLL
- '<SYSTEM32>\net1.exe' user "Smoked" /add
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\Virus.bat""
- '<SYSTEM32>\label.exe' C:Temur_Hacker
- C:\XXX.bat
- %TEMP%\1.tmp\Virus.bat
- %TEMP%\1.tmp\Virus.bat