Техническая информация
- %HOMEPATH%\start menu\programs\startup\gfxdriver.lnk
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\tmp3.tmp
- %HOMEPATH%\my documents\wjwk1mpj.rpc
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\tmp6.tmp
- %TEMP%\licensecheckfailed.html
- %APPDATA%\imminent\logs\23-09-2019
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\tmp6.tmp
- %HOMEPATH%\my documents\wjwk1mpj.rpc в %ALLUSERSPROFILE%\application data\gfxdriver\gfxdriver.exe (судя по формату записи, файл перемещён из первого пути во второй)
- DNS ASK ti####8.duckdns.org
- '%ALLUSERSPROFILE%\application data\gfxdriver\gfxdriver.exe'
- '<SYSTEM32>\cmd.exe' /c echo [zoneTransfer]ZoneID = 2 > "%ALLUSERSPROFILE%\Application Data\GFXDriver\GFXDriver.exe":ZONE.identifier (со скрытым окном; вывод перенаправлен в альтернативный поток данных ZONE.identifier этого файла)
- '<SYSTEM32>\cmd.exe' /c echo [zoneTransfer]ZoneID = 2 > "%ALLUSERSPROFILE%\Application Data\GFXDriver\GFXDriver.exe":ZONE.identifier
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe'
- '%ProgramFiles%\mozilla firefox\firefox.exe' -osint -url "%TEMP%\licensecheckfailed.html"