Техническая информация
- %TEMP%\aut1.tmp
- %WINDIR%\Temp\ye.reg
- %TEMP%\aut2.tmp
- %WINDIR%\Temp\Oem7F7.exe
- %TEMP%\aut3.tmp
- %WINDIR%\Temp\setup.bat
- %TEMP%\run.exe
- %TEMP%\tmp.dll
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\run.exe
- %TEMP%\tmp.dll
- %TEMP%\run.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\Temp\Oem7F7.exe' /a /acer /random /protect
- '%TEMP%\run.exe' /inst sys
- '%WINDIR%\regedit.exe' /s %WINDIR%\Temp\you.reg
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\Temp\setup.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\run.exe /inst sys >%TEMP%\tmp.dll