Техническая информация
- '<SYSTEM32>\taskkill.exe' /F /IM cmd.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\7j1g4s1m5z3l.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\4C8W4U.bat
- '<SYSTEM32>\taskkill.exe' /f /t /im av*
- <SYSTEM32>\cmd.exe
- AVPCC.EXE
- AVP32.EXE
- AVSYNMGR.EXE
- AVPM.EXE
- AVP.EXE
- AVGCC32.EXE
- avgcc.exe
- AVP.COM
- AVGCTRL.EXE
- %PROGRAM_FILES%\7l7I2z6U2h\5S5T5c.0W1s3e
- %PROGRAM_FILES%\7l7I2z6U2h\1g8B7h.2J1K2S
- %TEMP%\7j1g4s1m5z3l.bat
- %TEMP%\4C8W4U.bat
- %PROGRAM_FILES%\7l7I2z6U2h\5f5b8Y.2f8a8E
- %PROGRAM_FILES%\7l7I2z6U2h\7B5k0U.7s2U8u
- %PROGRAM_FILES%\7l7I2z6U2h\5S5T5c.0W1s3e
- %PROGRAM_FILES%\7l7I2z6U2h\1g8B7h.2J1K2S
- %PROGRAM_FILES%\7l7I2z6U2h\5f5b8Y.2f8a8E
- %PROGRAM_FILES%\7l7I2z6U2h\7B5k0U.7s2U8u
- 'cp#######.publiccloud.com.br':80
- cp#######.publiccloud.com.br/modelo/casa30.pdf
- cp#######.publiccloud.com.br/modelo/casa40.pdf
- cp#######.publiccloud.com.br/modelo/casa10.pdf
- cp#######.publiccloud.com.br/modelo/casa20.pdf
- DNS ASK cp#######.publiccloud.com.br
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'