Техническая информация
- <SYSTEM32>\calc.exe
- <SYSTEM32>\taskkill.exe /f /im explorer.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\Script~LF4.exe.bat""
- %TEMP%\1.tmp\Script~LF4.exe.bat
- 'fr#.####orbit.bigpoint.com':80
- 'localhost':1035
- fr#.####orbit.bigpoint.com/p/3nLfG-7ZC4g/?la#####
- DNS ASK fr#.####orbit.bigpoint.com
- '<IP-адрес в локальной сети>':1036
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''