Техническая информация
- '<SYSTEM32>\wscript.exe' "%TEMP%\voice.vbs"
- '<SYSTEM32>\taskkill.exe' /f /im spotify.exe
- '<SYSTEM32>\reg.exe' add "HKCU\Control Panel\Desktop" /V Wallpaper /F /T REG_SZ /D "%HOMEPATH%\risi.bmp"
- '<SYSTEM32>\rundll32.exe' user32.dll, UpdatePerUserSystemParameters
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Run.bat" "
- '<SYSTEM32>\wscript.exe' "invisible.vbs" "Hidden.bat"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Hidden.bat" "
- %TEMP%\invisible.vbs
- %TEMP%\msg.vbs
- %TEMP%\error.vbs
- %TEMP%\disk.vbs
- %TEMP%\enter.vbs
- %TEMP%\song.mp3
- %APPDATA%\Microsoft\Speech\Files\UserLexicons\SP_08BC2492C4394A95B10210F987613BC8.dat
- %TEMP%\error.mp3
- %TEMP%\music.vbs
- %TEMP%\voice.vbs
- %TEMP%\run.bat
- %TEMP%\hide.exe
- %TEMP%\Hidden.bat
- %TEMP%\disable taskmgr.bat
- %TEMP%\enable taskmgr.bat
- %TEMP%\risi.bmp
- %TEMP%\disco.vbs
- %TEMP%\Twitch.exe
- %TEMP%\melter.exe
- %TEMP%\show.exe
- ClassName: '' WindowName: ''
- ClassName: 'CicLoaderWndClass' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''