Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im ModuleICO.exe
- '<SYSTEM32>\taskkill.exe' /f /im CryptoTools.exe
- '<SYSTEM32>\taskkill.exe' /f /im 7z.exe
- %TEMP%\7ZipSfx.000\setup.dll.zip
- %TEMP%\7ZipSfx.000\delsold.cmd
- %TEMP%\7ZipSfx.000\sosun.cmd
- %TEMP%\7ZipSfx.000\7za.exe
- %TEMP%\7ZipSfx.000\7za.dll
- %TEMP%\7ZipSfx.000\7zxa.dll
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\delsold.cmd" "
- '<SYSTEM32>\cmd.exe' /S /D /c" ver "
- '<SYSTEM32>\find.exe' /i "XP"