Техническая информация
- %HOMEPATH%\start menu\programs\startup\update.exe
- %HOMEPATH%\appdata\roaming\microsoft\windows\start menu\programs\startup\downloads.exe
- %TEMP%\aut1.tmp
- %TEMP%\windows.exe
- %TEMP%\1.txt
- %TEMP%\aut1.tmp
- DNS ASK bi#.ly
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\appdata\roaming\microsoft\windows\start menu\programs\startup\downloads.exe'
- '%TEMP%\windows.exe'
- '%ProgramFiles%\mozilla firefox\firefox.exe' -osint -url "https://bit.ly/2GvP3lL"