Техническая информация
- ClassName: 'ollydbg', WindowName: ''
- ClassName: 'TDeDeMainForm', WindowName: ''
- ClassName: 'TIdaWindow', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- <SYSTEM32>\148406.dll
- из <Полный путь к файлу> в <SYSTEM32>\148546.bak
- 'ns.##ktek.org':443
- DNS ASK ns.##ktek.org
- ClassName: '1212121' WindowName: ''
- ClassName: 'icu_dbg' WindowName: ''
- ClassName: 'pe--diy' WindowName: ''
- ClassName: 'odbydyk' WindowName: ''
- ClassName: '' WindowName: 'Import REConstructor v1.6 FINAL (C) 2001-2003 MackT/uCF'
- ClassName: 'kk1' WindowName: ''
- ClassName: 'Eew75' WindowName: ''
- ClassName: 'Shadow' WindowName: ''
- ClassName: 'WinDbgFrameClass' WindowName: ''
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\148406.dll",MainThread
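- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.1 -n 1 && del /f/q "<Полный путь к файлу>" (команда выполняет один ping на 127.0.0.1 и затем принудительно, без запроса подтверждения, удаляет указанный файл)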
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 1