Техническая информация
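- %HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe
  (Файл в папке автозагрузки пользователя: её содержимое запускается при входе в систему. Имя, по-видимому, выбрано похожим на компонент обновления Google.)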
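- '<SYSTEM32>\netsh.exe' firewall Set service RemoteAdmin enable
  (Команда включает в брандмауэре Windows исключение для удалённого администрирования — RemoteAdmin. Запуск netsh.exe с такими аргументами стоит отслеживать в журналах создания процессов.)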
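- %TEMP%\7zZUV81ZA3N\WmiPrvSE.exe
  (Имя совпадает с именем системного процесса WMI Provider Host; штатный WmiPrvSE.exe расположен в <SYSTEM32>\wbem, поэтому экземпляр в %TEMP% — признак маскировки под системный процесс.)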
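- 'sd.#tsga.ga':22
- DNS ASK sd.#tsga.ga
  (Сетевая активность: обращение к узлу по порту 22 и DNS-запрос того же имени. Порт 22 — стандартный для SSH, но сам протокол по этой записи определить нельзя. Символ «#» в имени узла, по-видимому, вставлен составителем отчёта, чтобы адрес не был рабочей ссылкой.)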
- '%TEMP%\7zZUV81ZA3N\WmiPrvSE.exe'
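- '<SYSTEM32>\cmd.exe' /c COPY /Y "<Полный путь к файлу>" "%HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe"
- '<SYSTEM32>\cmd.exe' /c ATTRIB +H +R -I "%HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe"
  (Под «<Полный путь к файлу>», судя по контексту, понимается путь к самому исследуемому файлу: он копируется в папку автозагрузки, после чего копии назначаются атрибуты «скрытый» (+H) и «только чтение» (+R). При проверке папок автозагрузки нужно включать показ скрытых файлов.)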
- '<SYSTEM32>\cmd.exe' /c COPY /Y "<Полный путь к файлу>" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Google Upgrade Assistant.exe"
- '<SYSTEM32>\cmd.exe' /c ATTRIB +H +R -I "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Google Upgrade Assistant.exe"
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\7zZUV81ZA3N\WmiPrvSE.exe"
- '<SYSTEM32>\attrib.exe' +H +R -I "%HOMEPATH%\Start Menu\Programs\Startup\Google Upgrade Assistant.exe"
- '<SYSTEM32>\attrib.exe' +H +R -I "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Google Upgrade Assistant.exe"
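- '<SYSTEM32>\cmd.exe' /c REG ADD /f "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Icons" /v 29 /t REG_SZ /d <SYSTEM32>\shell32.dll,-50
- '<SYSTEM32>\reg.exe' ADD /f "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Icons" /v 29 /t REG_SZ /d <SYSTEM32>\shell32.dll,-50
  (Параметр 29 раздела Shell Icons задаёт значок-наложение для ярлыков — стрелку. Его замена на ресурс shell32.dll,-50, по-видимому, убирает стрелку, и ярлыки перестают внешне отличаться от обычных файлов; цель изменения из списка не видна и требует проверки.)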