Техническая информация
- %TEMP%\nsx2.tmp
- %TEMP%\nss3.tmp\System.dll
- %APPDATA%\1337\Для задания.txt
- %APPDATA%\1337\MINER.exe
- %APPDATA%\wow64_microsoft-windows-data-pdf_31bf3856ad364e35_10.0.17134.81_none_fa86d429a1f9d6f4\D3DCompiler_38.exe
- %TEMP%\nss3.tmp\System.dll
- %APPDATA%\1337\MINER.exe в %APPDATA%\wow64_microsoft-windows-data-pdf_31bf3856ad364e35_10.0.17134.81_none_fa86d429a1f9d6f4\D3DCompiler_38.exe
- '2n#.co':443
- DNS ASK 2n#.co
- '%APPDATA%\1337\MINER.exe'
- '<SYSTEM32>\notepad.exe' %APPDATA%\1337\Для задания.txt
- '<SYSTEM32>\cmd.exe' /c icacls "%APPDATA%\wow64_microsoft-windows-data-pdf_31bf3856ad364e35_10.0.17134.81_none_fa86d429a1f9d6f4" /inheritance:e /deny "Administrator:(R,REA,RA,RD)" "ASPNET:(R,REA,RA,RD)" "Guest:(R,R...