Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\XnCd.com.url
- %TEMP%\aut2.tmp
- %HOMEPATH%\Local Settings\TempKAai.WG
- %APPDATA%\bomek\bomek.exe
- %TEMP%\aut1.tmp
- %HOMEPATH%\Local Settings\TempVideo-October-01-2017-(1).mp4.mp4
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %HOMEPATH%\Local Settings\TempVideo-October-01-2017-(1).mp4.mp4