Техническая информация
- %HOMEPATH%\start menu\programs\startup\gsafeantivirus.lnk
- %TEMP%\7zipsfx.000\fin.bat
- %TEMP%\7zipsfx.000\bat2exe.exe
- %WINDIR%apps\defender\gsafe\gsafeantivirus\gsafe.exe
- %TEMP%\7zipsfx.000\bat2exe.exe
- %TEMP%\7zipsfx.000\fin.bat
- 'fi###oad.com':443
- DNS ASK fi###oad.com
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\7ZipSfx.000\fin.bat" "