Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Userinit' = '%WINDIR%\temp\Userinits.exe'
- '<SYSTEM32>\sc.exe' query
- '<SYSTEM32>\cmd.exe' /c ipconfig /all >> %WINDIR%\Temp\sysn\CRNJEUFU\cmdticks.log
- '<SYSTEM32>\ipconfig.exe' /all
- '<SYSTEM32>\cmd.exe' /c tasklist > %WINDIR%\Temp\sysn\CRNJEUFU\cmdticks.log
- '<SYSTEM32>\tasklist.exe'
- '<SYSTEM32>\cmd.exe' /c sc query >> %WINDIR%\Temp\sysn\CRNJEUFU\cmdticks.log
- %WINDIR%\Temp\sysn\CRNJEUFU\cmdticks.log
- %WINDIR%\Temp\sysn\CRNJEUFU\enterlog.dat
- %WINDIR%\Temp\Userinits.exe
- %WINDIR%\Temp\Userinits.exe