Техническая информация
- %TEMP%\aut1.tmp
- %TEMP%\temp001\OEM7.exe
- %TEMP%\run.exe
- %TEMP%\tmp.dll
- %TEMP%\aut1.tmp
- %TEMP%\run.exe
- %TEMP%\tmp.dll
- %TEMP%\run.exe
- '%TEMP%\temp001\OEM7.exe' /a /acer /random /protect
- '%TEMP%\run.exe' /inst sys
- '<SYSTEM32>\cmd.exe' /c %TEMP%\temp001\OEM7.exe /a /acer /random /protect
- '<SYSTEM32>\cmd.exe' /c %TEMP%\run.exe /inst sys >%TEMP%\tmp.dll