Техническая информация
- <SYSTEM32>\taskkill.exe /IM egui.exe /F
- %WINDIR%\regedit.exe /S Servers.reg
- %WINDIR%\regedit.exe /S ShowSplash.reg
- <SYSTEM32>\msiexec.exe /V
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\a00204.bat" <Полный путь к вирусу>"
- <SYSTEM32>\xcopy.exe "taskkill.exe" "<SYSTEM32>" /i /s /e /r /v /f /c /h /y
- <SYSTEM32>\msiexec.exe /i "setup.msi" /qn REBOOT=ReallySuppress ADMINCFG=ФSettings.xmlФ
- %WINDIR%\Temp\a00204.bat
- %WINDIR%\Temp\a00204.bat
- %WINDIR%\Temp\a00204.bat
- <SYSTEM32>\taskkill.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''