Техническая информация
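- Средство контроля пользовательских учетных записей (UAC) — компонент защиты, на который воздействует образец (ср. ниже импорт файла UAC-OFF.reg через regedit.exe с ключом /s, то есть без запроса подтверждения; судя по имени файла, речь идёт об отключении UAC)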
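Файлы (пути приведены как в отчёте; подзаголовок раздела в этой копии, по-видимому, не сохранился):
- %TEMP%\UAC-OFF.reg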
- %TEMP%\bin\entn.ps1
- %TEMP%\bin\entsn.ps1
- %TEMP%\bin\x64\gatherosstate.exe
- %TEMP%\bin\x64\slc.dll
- %TEMP%\bin\x86\gatherosstate.exe
- %TEMP%\bin\x86\slc.dll
- %TEMP%\Run.cmd
- %TEMP%\install.exe
- %TEMP%\1.tmp\2.bat
Окна (класс окна и заголовок):
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
Процессы и их командные строки:
- '%TEMP%\install.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Run.cmd" "
- '%WINDIR%\regedit.exe' /s UAC-OFF.reg
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" %TEMP%\install.exe"
- '<SYSTEM32>\mode.com' con cols=70 lines=2
- '<SYSTEM32>\fltMc.exe'
- '<SYSTEM32>\cmd.exe' /c reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" | findstr CurrentVersion | findstr REG_SZ
- '<SYSTEM32>\reg.exe' query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
- '<SYSTEM32>\findstr.exe' CurrentVersion
- '<SYSTEM32>\findstr.exe' REG_SZ