Техническая информация
- <SYSTEM32>\tasks\update\discord
- %PROGRAMDATA%\cubeconverter.exe
- %TEMP%\discord.txt
- %TEMP%\481437253.xml
- %APPDATA%\imminent\logs\25-04-2020
- %TEMP%\481437253.xml
- из <Полный путь к файлу> в %APPDATA%\discord\discord.exe
- DNS ASK bl#####ngel.zapto.org
- ClassName: 'AutoHotkey' WindowName: '%PROGRAMDATA%\CubeConverter.exe'
- ClassName: '#32771' WindowName: ''
- '%PROGRAMDATA%\cubeconverter.exe'
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\schtasks.exe' /Delete /TN "Update\discord" /F
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Update\discord" /XML "%TEMP%\481437253.xml"