Техническая информация
- '<SYSTEM32>\wscript.exe' "C:\Users\Public\system.vbs"
- '<SYSTEM32>\cmd.exe' /K system.bat
- '<SYSTEM32>\cmd.exe' /c ""C:\Users\Public\1.bat" "
- '%WINDIR%\XXInstall\ps.exe' %TEMP%\1.txt
- 'C:\Users\Public\system.exe' /stext sys.txt
- 'C:\Users\Public\123.exe' -password -d\Users\Public
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\Прайс лист.docx
- '%TEMP%\111112323.huuh43443.exe'
- '<SYSTEM32>\cmd.exe' /c ""C:\Users\Public\123.bat" "
- '<SYSTEM32>\notepad.exe' %TEMP%\1.txt
- %WINDIR%\XXInstall\ps.exe
- <SYSTEM32>\notepad.exe
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- C:\Users\Public\system.exe
- C:\Users\Public\system.bat
- C:\Users\Public\system.cfg
- C:\Users\Public\sys.txt
- C:\Users\Public\system.vbs
- %TEMP%\Прайс лист.docx
- %TEMP%\111112323.huuh43443.exe
- C:\Users\Public\123.bat
- C:\Users\Public\1.bat
- C:\Users\Public\123.exe
- '93.##8.134.11':465
- DNS ASK sm##.yandex.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''