Техническая информация
- '<SYSTEM32>\taskkill.exe' /pid=3316
- '<SYSTEM32>\taskkill.exe' /pid=3388
- '<SYSTEM32>\taskkill.exe' /pid=3356
- '<SYSTEM32>\taskkill.exe' /pid=2808
- '<SYSTEM32>\cmd.exe' /c %TEMP%\0h3f4S.bat
- '<SYSTEM32>\taskkill.exe' /f /t /im av*
- '<SYSTEM32>\cmd.exe' /c %TEMP%\0F8H2m.bat
- <SYSTEM32>\taskkill.exe
- AVGCTRL.EXE
- AVPCC.EXE
- AVP32.EXE
- AVSYNMGR.EXE
- AVPM.EXE
- AVP.EXE
- AVGCC32.EXE
- avgcc.exe
- AVP.COM
- AVGCTRL.EXE
- %PROGRAM_FILES%\5h8F0S5h6Z\2n3W1H.0J2J4c
- %PROGRAM_FILES%\5h8F0S5h6Z\5i7v4O.4k3i0S
- %TEMP%\0F8H2m.bat
- %TEMP%\0h3f4S.bat
- %PROGRAM_FILES%\5h8F0S5h6Z\3F6Q4Z.8q4L8l
- %PROGRAM_FILES%\5h8F0S5h6Z\3z1e3m.1T2m4x
- %PROGRAM_FILES%\5h8F0S5h6Z\2n3W1H.0J2J4c
- %PROGRAM_FILES%\5h8F0S5h6Z\5i7v4O.4k3i0S
- %PROGRAM_FILES%\5h8F0S5h6Z\3F6Q4Z.8q4L8l
- %PROGRAM_FILES%\5h8F0S5h6Z\3z1e3m.1T2m4x
- 'cp#######.publiccloud.com.br':80
- cp#######.publiccloud.com.br/modelo/casa30.pdf
- cp#######.publiccloud.com.br/modelo/casa40.pdf
- cp#######.publiccloud.com.br/modelo/casa10.pdf
- cp#######.publiccloud.com.br/modelo/casa20.pdf
- DNS ASK cp#######.publiccloud.com.br
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'