Техническая информация
- <SYSTEM32>\cmd.exe /c "%TEMP%\\aa.bat"
- %WINDIR%\explorer.exe
- %TEMP%\aa.bat
- <Полный путь к вирусу>
- %WINDIR%\ntshrui.dll
- %TEMP%\setup080.exe
- %TEMP%\_.exe
- %TEMP%\setup080.exe
- %TEMP%\_.exe
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: '_CLS_SessionAgent' WindowName: '_CLS_SessionAgent'
- ClassName: 'rsccenter' WindowName: 'cc'
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'Proxy Desktop' WindowName: ''