Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'update' = '<SYSTEM32>\aHTu-3aDpoT.bat'
- <SYSTEM32>\shutdown.exe -s -t 10 -c "XBaTuT 3aDpa4uBaTb! OTDoxHu! {_H@cked_by_DeaDly-WorM_}"
- <SYSTEM32>\reg.exe add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v update /t REG_SZ /d <SYSTEM32>\aHTu-3aDpoT.bat /f
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\Benihop v1.2.7 v34.bat""
- <SYSTEM32>\aHTu-3aDpoT.bat
- %TEMP%\1.tmp\Benihop v1.2.7 v34.bat
- %TEMP%\1.tmp\Benihop v1.2.7 v34.bat