Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im cmd.exe
- '<SYSTEM32>\taskkill.exe' /f /im wscript.exe
- <SYSTEM32>\cmd.exe
- %TEMP%\ixp000.tmp\boxkil~1.cmd
- %TEMP%\ixp000.tmp\launch~1.cmd
- %TEMP%\ixp000.tmp\launch~1.cmd
- %TEMP%\ixp000.tmp\boxkil~1.cmd
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c %TEMP%\IXP000.TMP\LAUNCH~1.CMD' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\IXP000.TMP\BOXKIL~1.CMD' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\IXP000.TMP\LAUNCH~1.CMD
- '<SYSTEM32>\cmd.exe' /c %TEMP%\IXP000.TMP\BOXKIL~1.CMD