Техническая информация
- %TEMP%\nsq2.tmp\ns3.tmp c:\3301.bat
- <SYSTEM32>\wbem\wmic.exe userAccount where "Name='%USERNAME%'" get SID /value
- <SYSTEM32>\cmd.exe /c c:\3301.bat
- [<HKCU>\Software\FlashFXP]
- %TEMP%\nsq2.tmp\ns3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\nsq2.tmp\System.dll
- C:\3301.bat
- %TEMP%\nsq2.tmp\nsExec.dll
- %TEMP%\tmp4.tmp