Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinNet' = '%TEMP%\winprocess.exe'
- %TEMP%\winprocess.exe
- %TEMP%\intel.vbs
- %APPDATA%\ЛЁtel\лgfxtsм.гxe
- %TEMP%\winapps.exe
- %TEMP%\net.exe
- %TEMP%\winappsfinal.exe
- %TEMP%\Deltofinal.exe
- %TEMP%\1.vbs
- %TEMP%\delto.exe
- %TEMP%\intel.vbs
- %TEMP%\1.vbs
- 'ht######erupdates.ddns.net':31399
- DNS ASK еz#####.ervebloыуаt
- DNS ASK ht######erupdates.ddns.net
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\net.exe' -pR%$VBcX4501_)+M~
- '%TEMP%\delto.exe' -p$54Jj)_+>>ZX81~
- '%TEMP%\winapps.exe'
- '%TEMP%\winprocess.exe'
- '%TEMP%\winappsfinal.exe'
- '%TEMP%\Deltofinal.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\intel.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\1.vbs"