Техническая информация
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
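- Пары ClassName/WindowName ниже (до «Registry Monitor» включительно) относятся к окнам отладчика OllyDbg и утилит Sysinternals (File Monitor, Process Monitor, Registry Monitor); по-видимому, образец ищет эти окна, чтобы обнаружить средства анализа:
- ClassName: 'OLLYDBG', WindowName: ''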
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- %HOMEPATH%\Protection\IsoDisc.exe
- %APPDATA%\23EF5514-3059-436F-A4A7-4CEFAAB20EB1\run.dat
- %HOMEPATH%\Protection\IsoDisc.exe
- <Полный путь к файлу>
- 'do#####re.dyndns.org':1111
- DNS ASK do#####re.dyndns.org
- ClassName: '18467-41', WindowName: ''
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
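- '<SYSTEM32>\schtasks.exe' /create /tn 53797374656D /tr "%HOMEPATH%\Protection\IsoDisc.exe" /sc minute /mo 1 /F (имя задачи 53797374656D — это строка «System» в шестнадцатеричной ASCII-записи; параметры /sc minute /mo 1 задают запуск каждую минуту, /F перезаписывает существующую задачу с тем же именем)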
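- '<SYSTEM32>\cmd.exe' /k ping 127.0.0.1 -t 0 & del <Полный путь к файлу> & exit (судя по команде del, исходный файл удаляется после запуска; ping перед ней, по-видимому, служит задержкой)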
- '<SYSTEM32>\ping.exe' 127.0.0.1 -t 0