Техническая информация
- %WINDIR%\Temp\temp\winlog.exe
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\1.bat" "
- %APPDATA%\1.bat
- %WINDIR%\2.exe
- %WINDIR%\1.bat
- %WINDIR%\2.exe в %WINDIR%\Temp\temp\winlog.exe
- 'kt####.sytes.net':17618
- 'tb#.#ytes.net':3000
- DNS ASK kt####.sytes.net
- DNS ASK tb#.#ytes.net
- ClassName: 'Shell_TrayWnd' WindowName: ''