Техническая информация
- Update.exe
- %TEMP%\2B83A.dmp
- %TEMP%\2FDA0.dmp
- %TEMP%\3FF8F.dmp
- %TEMP%\Update.txt
- %ALLUSERSPROFILE%\Application Data\XMR Builder.exe
- %APPDATA%\Update\Update.exe
- %TEMP%\dw.log
- '%APPDATA%\Update\Update.exe'
- '%ALLUSERSPROFILE%\Application Data\XMR Builder.exe'
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /f /v "Update" /d "cmd /c type "%TEMP%\Update.txt" | cmd"
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 368
- '<SYSTEM32>\cmd.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 352