Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- %HOMEPATH%\Start Menu\Programs\Startup\Uninstall.lnk
- %ProgramFiles%\malware\start.bat
- %ProgramFiles%\malware\uninst.exe
- %ProgramFiles%\malware\temp.vbs
- %ProgramFiles%\malware\temp.vbs
- '<SYSTEM32>\wscript.exe' "%ProgramFiles%\malware\temp.vbs"
- '<SYSTEM32>\cmd.exe' /c "%ProgramFiles%\malware\start.bat"