Техническая информация
- <SYSTEM32>\tasks\update\9zwjb6mf57hcvqp7j
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %PROGRAMDATA%\2018-10-정상회원목록.xlsx
- %PROGRAMDATA%\~$2018-10-정상회원목록.xlsx
- %HOMEPATH%\desktop\nymxbgzg.exe
- %TEMP%\9zwjb6mf57hcvqp7j.txt
- %TEMP%\1539775139.xml
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\run.dat
- %HOMEPATH%\desktop\nymxbgzg.exe
- %TEMP%\1539775139.xml
- DNS ASK gm###l.zz.am
- ClassName: 'XLMAIN' WindowName: 'Microsoft Excel (Product Activation Failed) - Book1'
- ClassName: 'XLMAIN' WindowName: ''
- '%HOMEPATH%\desktop\nymxbgzg.exe'
- '%ProgramFiles%\microsoft office\office14\excel.exe' /dde
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\schtasks.exe' /Delete /TN "Update\9zwJB6MF57HCVqp7J" /F
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Update\9zwJB6MF57HCVqp7J" /XML "%TEMP%\1539775139.xml"
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe'