Техническая информация
- <SYSTEM32>\cmd.exe
- C:\ProgramData\Cuda\cvshost.exe
- C:\ProgramData\Cuda\CudaUpdateA.exe
- C:\ProgramData\Cuda\del.exe
- C:\ProgramData\Cuda\11mex.png
- C:\ProgramData\Cuda\winst.exe
- C:\ProgramData\Cuda\ucrtbased.dll
- C:\ProgramData\Cuda\msvcp140d.dll
- C:\ProgramData\Cuda\vcruntime140d.dll
- C:\ProgramData\Cuda\XBox.exe
- C:\ProgramData\Cuda\config.json
- 'ip##gger.ru':80
- http://ip##gger.ru/11Sex.png
- http://ip##gger.ru/11mex.png
- DNS ASK ip##gger.ru
- ClassName: 'AutoHotkey' WindowName: 'C:\ProgramData\Cuda\cvshost.exe'
- ClassName: 'AutoHotkey' WindowName: 'C:\ProgramData\Cuda\del.exe'
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: 'C:\ProgramData\Cuda\winst.exe'
- 'C:\ProgramData\Cuda\del.exe'
- 'C:\ProgramData\Cuda\cvshost.exe'
- 'C:\ProgramData\Cuda\winst.exe'
- '<SYSTEM32>\schtasks.exe' /Create /SC DAILY /TN \System\DELL /TR "C:\ProgramData\Cuda\del.exe" /F
- '<SYSTEM32>\schtasks.exe' /Create /SC HOURLY /MO 3 /TN \System\CVS /TR "C:\ProgramData\Cuda\cvshost.exe" /ST "16:4" /F
- '<SYSTEM32>\schtasks.exe' /Create /SC MINUTE /MO 59 /TN \Windows\CudaUpdateA /TR "C:\ProgramData\Cuda\CudaUpdateA.exe" /ST "16:54" /F