Техническая информация
- '%WINDIR%\explorer.exe' /c, %TEMP%\vjjeeee.js
- %TEMP%\vjjeeee.js
- DNS ASK 8d#######a8r.kmqde1j97qpn.ml
- '<SYSTEM32>\wscript.exe' "%TEMP%\vjjeeee.js"
- '<SYSTEM32>\wscript.exe' "%TEMP%\vjjeeee.js"' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /S /D /c" sET/p 5777777="%ARR:CCAA=%%ffff555:JJJ=/%" 0<nul 1>%TEMP%\vjjeeee.js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" CAll %DDA:HOOO=% %TEMP%\vjjeeee.js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" exiT"