Техническая информация
Записи автозапуска в ключе реестра Run (имя значения = запускаемый файл):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Internet Explorerr' = 'C:\system33\window1.vbs'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Office Profecional corp' = 'C:\system33\window2.vbs'
Связанные файлы на диске:
- C:\ness\1.exe
- C:\system33\OpenCL.dll
- C:\system33\pow32.bat
- C:\system33\Qt5Core.dll
- C:\system33\Qt5Network.dll
- C:\system33\ssleay32.dll
- C:\system33\svchost31.exe
- C:\system33\systemx.bat
- C:\system33\window1.vbs
- C:\system33\window2.vbs
- C:\system33\libeay32.dll
- C:\system33\msvcp120.dll
- C:\system33\msvcr120.dll
Окно (класс и заголовок):
- ClassName: 'EDIT' WindowName: ''
Командные строки процессов:
- 'C:\ness\1.exe'
- '<SYSTEM32>\wscript.exe' "C:\system33\window1.vbs"
- '<SYSTEM32>\cmd.exe' /c ""C:\system33\systemx.bat" "
- '<SYSTEM32>\reg.exe' add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "Internet Explorerr" /t REG_SZ /d "C:\system33\window1.vbs" /f
- '<SYSTEM32>\reg.exe' add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "Office Profecional corp" /t REG_SZ /d "C:\system33\window2.vbs" /f
- '<SYSTEM32>\attrib.exe' +H C:\system33
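- '<SYSTEM32>\schtasks.exe' /Create /f /sc hourly /mo 5 /tn "Google Chromesmt" /tr C:\system33\window1.vbs
Примечание: закрепление в системе выполнено двумя способами — значениями в ключе Run и задачей планировщика «Google Chromesmt», которая запускает window1.vbs каждые 5 часов (/sc hourly /mo 5). При очистке нужно удалить и то и другое. Каталог C:\system33 помечен как скрытый (attrib +H), поэтому при проверке системы включайте отображение скрытых объектов.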