Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im wscript.exe
- <SYSTEM32>\wscript.exe
- %TEMP%\9df2.tmp\tsdfi.bat
- %TEMP%\webclient.vbs
- nul
- %TEMP%\webclient.vbs
- DNS ASK ap#.##osfilter.net
- ClassName: '' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%TEMP%\webclient.vbs"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\9DF2.tmp\TSDFI.bat""
- '<SYSTEM32>\mode.com' con lines=22 cols=70
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 2 -w 1000
- '<SYSTEM32>\tasklist.exe'
- '<SYSTEM32>\find.exe' "wscript.exe"