Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\lsass.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe'
- '<SYSTEM32>\cmd.exe' /c copy "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe" "C:\temp2486.tmp"
- '<SYSTEM32>\cmd.exe' /c copy "<Полный путь к вирусу>" "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe"
- '<SYSTEM32>\attrib.exe' "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe" +s +h
- '<SYSTEM32>\cmd.exe' /c attrib "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe" +s +h
- '<SYSTEM32>\attrib.exe' "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe" -s -h
- '<SYSTEM32>\attrib.exe' "±ё¦ёёsЄЅЄ" -s -h
- '<SYSTEM32>\cmd.exe' /c attrib "±ё¦ёёsЄЅЄ" -s -h
- '<SYSTEM32>\cmd.exe' /c copy "<Полный путь к вирусу>" "C:\temp9547.tmp"
- '<SYSTEM32>\cmd.exe' /c attrib "%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe" -s -h
- ClassName: 'TibiaClient' WindowName: ''
- C:\temp2486.tmp
- C:\temp9547.tmp
- %HOMEPATH%\Start Menu\Programs\Startup\lsass.exe
- C:\temp2486.tmp
- C:\temp9547.tmp