Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wuaclt.exe' = '%WINDIR%\postal_tarjeta.bat'
- <SYSTEM32>\attrib.exe <DRIVERS>\etc\hosts +r +h
- <SYSTEM32>\ipconfig.exe /flushdns
- <SYSTEM32>\reg.exe ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v wuaclt.exe /t REG_SZ /d "%WINDIR%\postal_tarjeta.bat" /f
- <SYSTEM32>\attrib.exe %WINDIR%\video_tarjeta.bat +r +h
- <SYSTEM32>\attrib.exe <DRIVERS>\etc\hosts -r -h -s
- <SYSTEM32>\attrib.exe <DRIVERS>\etc\service2 +r +h
- %WINDIR%\video_tarjeta.bat
- %TEMP%\a53740.bat
- %WINDIR%\video_tarjeta.bat
- %TEMP%\a53740.bat
- %TEMP%\a53740.bat
- <DRIVERS>\etc\hosts в <DRIVERS>\etc\service2