Техническая информация
- %HOMEPATH%\AppData\Local\Temp\1.bat
- %HOMEPATH%\AppData\Local\Temp\s.sfx.exe
- C:\Documents\s.exe
- %APPDATA%\History
- %WINDIR%Data\hostdl.exe
- %APPDATA%\History
- %WINDIR%Data\hostdl.exe
- C:\Documents\s.exe
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\AppData\Local\Temp\s.sfx.exe' -p123 -d%HOMEPATH%\AppData\Local\Temp
- 'C:\Documents\s.exe'
- '%WINDIR%Data\hostdl.exe' "C:\Documents\s.exe"
- '<SYSTEM32>\cmd.exe' /c ""%HOMEPATH%\AppData\Local\Temp\1.bat" "
- '<SYSTEM32>\schtasks.exe' /create /tn UpdateService /tr "%WINDIR%Data\hostdl.exe" /sc minute /F