Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\syskernel.exe
- %TEMP%\TDSCertificate.cer
- '%HOMEPATH%\Start Menu\Programs\Startup\syskernel.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\TDSCertificate.cer
- '<SYSTEM32>\rundll32.exe' cryptext.dll,CryptExtOpenCER %TEMP%\TDSCertificate.cer