Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Explorer.lnk (ярлык в папке автозагрузки пользователя)
- C:\ProgramData\Windows\2.vbs
- C:\ProgramData\Windows\cheati.exe
- C:\ProgramData\Windows\3.bat
- C:\ProgramData\Windows\cheat.exe
- C:\ProgramData\Windows\api\websocket.htm
- C:\ProgramData\Windows\api\index.php
- C:\ProgramData\Windows\api\local-sample.php
- C:\ProgramData\Windows\cpu.bat
- C:\ProgramData\Windows\Explorer.bat
- C:\ProgramData\Windows\RUN-help.bat
- C:\ProgramData\Windows\cpuminer-gw64-avx2.exe
- C:\ProgramData\Windows\cpuminer-gw64-core2.exe
- C:\ProgramData\Windows\cpuminer-gw64-corei7.exe
- C:\ProgramData\Windows\cpu.vbs
- C:\ProgramData\Windows\Explorer.vbs
- Окно: ClassName: 'EDIT' WindowName: ''
Командные строки процессов:
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\Windows\2.vbs"
- 'C:\ProgramData\Windows\cheati.exe' -p123456 -dC:\ProgramData\Windows
- 'C:\ProgramData\Windows\cheat.exe'
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\Windows\Explorer.vbs"
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\Windows\3.bat" "
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\Windows\Explorer.bat" "
- '<SYSTEM32>\cmd.exe' /c tasklist /NH /FI "IMAGENAME eq taskmgr.exe" (проверка, запущен ли процесс taskmgr.exe — Диспетчер задач)
- '<SYSTEM32>\tasklist.exe' /NH /FI "IMAGENAME eq taskmgr.exe"