Техническая информация
- %PROGRAM_FILES%\WinRAR\Rar.exe e -y -ping <SYSTEM32>\618\11.rar <SYSTEM32>\618\ e -y -ping <SYSTEM32>\618\ok.rar "%PROGRAM_FILES%\618\"
- <SYSTEM32>\cacls.exe ""%HOMEPATH%\Local Settings\Temp"" /T /P everyone:F
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\11.vbs" //B
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\f97ccfe6e02f3ad1e01a745934326097.dat""
- <SYSTEM32>\cacls.exe "%TEMP%\f97ccfe6e02f3ad1e01a745934326097.dat" /T /P everyone:N
- <SYSTEM32>\cacls.exe ""%TEMP%\f97ccfe6e02f3ad1e01a745934326097.dat"" /T /P everyone:N
- <SYSTEM32>\taskkill.exe /f /t /im ksafetray.exe
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\618\125.bat
- <SYSTEM32>\cmd.exe /c %WINDIR%\11a.bat
- <SYSTEM32>\taskkill.exe /f /t /im lsrss.exe
- <SYSTEM32>\ping.exe 127.0.0.1 -n 2
- <SYSTEM32>\618\123.bat
- <SYSTEM32>\618\Comres.txt
- <SYSTEM32>\618\00.bat
- <SYSTEM32>\618\11.txt
- %WINDIR%\Comres.dll
- %WINDIR%\update.exe
- <SYSTEM32>\618\update.txt
- %PROGRAM_FILES%\11.vbs
- %PROGRAM_FILES%\WinRAR\Rar.exe
- <SYSTEM32>\618\125.bat
- <SYSTEM32>\618\11.rar
- <SYSTEM32>\618\ok.rar
- %PROGRAM_FILES%\618\lsrss.txt
- %PROGRAM_FILES%\618\lsrss.exe
- <SYSTEM32>\618\md5.txt
- %WINDIR%\11a.bat
- <SYSTEM32>\618\Comres.txt
- %PROGRAM_FILES%\11.vbs
- %PROGRAM_FILES%\618\lsrss.txt
- <SYSTEM32>\618\update.txt
- 'q1#####4198.3322.org':8000
- DNS ASK q1#####4198.3322.org
- ClassName: '' WindowName: ''