Техническая информация
- '%WINDIR%\syswow64\taskkill.exe' /f /im explorer.exe
- %WINDIR%\explorer.exe
- %HOMEPATH%\desktop\iisstart.html
- %HOMEPATH%\desktop\browse.html
- %HOMEPATH%\desktop\api-hashmap.html
- %TEMP%\~755.bat
- C:\boot.ini
- C:\distrus.txt
- %TEMP%\~755.bat
- ClassName: '' WindowName: ''
- ClassName: 'Progman' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'Media Center Tray Applet' WindowName: ''
- ClassName: '' WindowName: 'View Available Networks'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: 'BluetoothNotificationAreaIconWindowClass'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~755.bat "<Полный путь к файлу>" (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~755.bat "<Полный путь к файлу>"
- '%WINDIR%\syswow64\attrib.exe' -r -s -h %WINDIR%\explorer.exe
- '%WINDIR%\syswow64\attrib.exe' -r -s -h C:\boot.ini
- '%WINDIR%\explorer.exe'
- '%WINDIR%\syswow64\regedit.exe' /s virus.reg