BackDoor.Bifrost.30825

Техническая информация

Вредоносные функции

Запускает на исполнение

'<SYSTEM32>\taskkill.exe' /f /im node.exe
'<SYSTEM32>\taskkill.exe' /f /im cmd.exe

Завершает или пытается завершить

следующие системные процессы:

<SYSTEM32>\cmd.exe

Изменения в файловой системе

Создает следующие файлы

%TEMP%\8094.tmp\8095.tmp\8096.vbs
%APPDATA%\discord'\node_modules\inherits\inherits.js
%APPDATA%\discord'\node_modules\inflight\readme.md
%APPDATA%\discord'\node_modules\inflight\package.json
%APPDATA%\discord'\node_modules\inflight\license
%APPDATA%\discord'\node_modules\inflight\inflight.js
%APPDATA%\discord'\node_modules\glob\sync.js
%APPDATA%\discord'\node_modules\glob\readme.md
%APPDATA%\discord'\node_modules\glob\package.json
%APPDATA%\discord'\node_modules\glob\license
%APPDATA%\discord'\node_modules\glob\glob.js
%APPDATA%\discord'\node_modules\glob\common.js
%APPDATA%\discord'\node_modules\glob\changelog.md
%APPDATA%\discord'\node_modules\fs.realpath\readme.md
%APPDATA%\discord'\node_modules\fs.realpath\package.json
%APPDATA%\discord'\node_modules\fs.realpath\old.js
%APPDATA%\discord'\node_modules\fs.realpath\license
%APPDATA%\discord'\node_modules\fs.realpath\index.js
%APPDATA%\discord'\node_modules\fs\readme.md
%APPDATA%\discord'\node_modules\fs\package.json
%APPDATA%\discord'\node_modules\event-target-shim\readme.md
%APPDATA%\discord'\node_modules\event-target-shim\package.json
%APPDATA%\discord'\node_modules\event-target-shim\license
%APPDATA%\discord'\node_modules\event-target-shim\index.d.ts
%APPDATA%\discord'\node_modules\inherits\inherits_browser.js
%APPDATA%\discord'\node_modules\inherits\license
%APPDATA%\discord'\node_modules\inherits\package.json
%APPDATA%\discord'\node_modules\inherits\readme.md
%APPDATA%\discord'\node_modules\node-fetch\browser.js
%APPDATA%\discord'\node_modules\minimatch\readme.md
%APPDATA%\discord'\node_modules\minimatch\package.json
%APPDATA%\discord'\node_modules\minimatch\minimatch.js
%APPDATA%\discord'\node_modules\minimatch\license
%APPDATA%\discord'\node_modules\mime-types\readme.md
%APPDATA%\discord'\node_modules\mime-types\package.json
%APPDATA%\discord'\node_modules\mime-types\license
%APPDATA%\discord'\node_modules\mime-types\index.js
%APPDATA%\discord'\node_modules\mime-types\history.md
%APPDATA%\discord'\node_modules\mime-db\readme.md
%APPDATA%\discord'\node_modules\mime-db\license
%APPDATA%\discord'\node_modules\mime-db\package.json
%APPDATA%\discord'\node_modules\mime-db\index.js
%APPDATA%\discord'\node_modules\mime-db\history.md
%APPDATA%\discord'\node_modules\mime-db\db.json
%APPDATA%\discord'\node_modules\ip\test\api-test.js
%APPDATA%\discord'\node_modules\ip\readme.md
%APPDATA%\discord'\node_modules\ip\package.json
%APPDATA%\discord'\node_modules\ip\lib\ip.js
%APPDATA%\discord'\node_modules\ip\.travis.yml
%APPDATA%\discord'\node_modules\ip\.npmignore
%APPDATA%\discord'\node_modules\ip\.jshintrc
%APPDATA%\discord'\node_modules\ip\.jscsrc
%APPDATA%\discord'\node_modules\node-fetch\changelog.md
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.umd.js.map
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.umd.js
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.mjs.map
%APPDATA%\discord'\node_modules\discord.js\src\structures\user.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\textchannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\teammember.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\team.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\storechannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\role.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\reactionemoji.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\reactioncollector.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\presence.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\permissionoverwrites.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\partialgroupdmchannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\newschannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\messagereaction.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\messagementions.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\messageembed.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\messagecollector.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\messageattachment.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\message.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\invite.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\interfaces\textbasedchannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\interfaces\collector.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\integration.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildpreviewemoji.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\voicechannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\voiceregion.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\voicestate.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\webhook.js
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.js.map
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.js
%APPDATA%\discord'\node_modules\discord.js\webpack\discord.min.js.license.txt
%APPDATA%\discord'\node_modules\discord.js\webpack\discord.min.js
%APPDATA%\discord'\node_modules\discord.js\webpack\discord.js.license.txt
%APPDATA%\discord'\node_modules\discord.js\webpack\discord.js
%APPDATA%\discord'\node_modules\discord.js\typings\index.ts
%APPDATA%\discord'\node_modules\discord.js\typings\index.d.ts
%APPDATA%\discord'\node_modules\discord.js\src\websocket.js
%APPDATA%\discord'\node_modules\discord.js\src\util\util.js
%APPDATA%\discord'\node_modules\discord.js\src\util\userflags.js
%APPDATA%\discord'\node_modules\discord.js\src\util\structures.js
%APPDATA%\discord'\node_modules\discord.js\src\util\systemchannelflags.js
%APPDATA%\discord'\node_modules\discord.js\src\util\speaking.js
%APPDATA%\discord'\node_modules\discord.js\src\util\snowflake.js
%APPDATA%\discord'\node_modules\discord.js\src\util\permissions.js
%APPDATA%\discord'\node_modules\discord.js\src\util\messageflags.js
%APPDATA%\discord'\node_modules\discord.js\src\util\limitedcollection.js
%APPDATA%\discord'\node_modules\discord.js\src\util\intents.js
%APPDATA%\discord'\node_modules\discord.js\src\util\dataresolver.js
%APPDATA%\discord'\node_modules\discord.js\src\util\constants.js
%APPDATA%\discord'\node_modules\discord.js\src\util\collection.js
%APPDATA%\discord'\node_modules\discord.js\src\util\bitfield.js
%APPDATA%\discord'\node_modules\discord.js\src\util\activityflags.js
%APPDATA%\discord'\node_modules\event-target-shim\dist\event-target-shim.mjs
%APPDATA%\discord'\node_modules\node-fetch\lib\index.es.js
%APPDATA%\discord'\node_modules\node-fetch\lib\index.js
%APPDATA%\discord'\node_modules\node-fetch\lib\index.mjs
%APPDATA%\discord'\node_modules\wrappy\package.json
%APPDATA%\discord'\node_modules\wrappy\license
%APPDATA%\discord'\node_modules\tweetnacl\readme.md
%APPDATA%\discord'\node_modules\tweetnacl\pull_request_template.md
%APPDATA%\discord'\node_modules\tweetnacl\package.json
%APPDATA%\discord'\node_modules\tweetnacl\nacl.min.js
%APPDATA%\discord'\node_modules\tweetnacl\nacl.js
%APPDATA%\discord'\node_modules\tweetnacl\nacl.d.ts
%APPDATA%\discord'\node_modules\tweetnacl\nacl-fast.min.js
%APPDATA%\discord'\node_modules\tweetnacl\nacl-fast.js
%APPDATA%\discord'\node_modules\tweetnacl\license
%APPDATA%\discord'\node_modules\tweetnacl\authors.md
%APPDATA%\discord'\node_modules\wrappy\wrappy.js
%APPDATA%\discord'\node_modules\temp\readme.md
%APPDATA%\discord'\node_modules\temp\package.json
%APPDATA%\discord'\node_modules\temp\license
%APPDATA%\discord'\node_modules\temp\lib\temp.js
%APPDATA%\discord'\node_modules\setimmediate\setimmediate.js
%APPDATA%\discord'\node_modules\setimmediate\package.json
%APPDATA%\discord'\node_modules\setimmediate\license.txt
%APPDATA%\discord'\node_modules\screenshot-desktop\test.js
%APPDATA%\discord'\node_modules\screenshot-desktop\renovate.json
%APPDATA%\discord'\node_modules\screenshot-desktop\readme.md
%APPDATA%\discord'\node_modules\tweetnacl\changelog.md
%APPDATA%\discord'\steal.bat
%APPDATA%\discord'\node_modules\ws\browser.js
%APPDATA%\discord'\starter.vbs
%APPDATA%\discord'\starter.bat
%APPDATA%\discord'\spamhide.vbs
%APPDATA%\discord'\spam.bat
%APPDATA%\discord'\refresh.bat
%APPDATA%\discord'\prohide.vbs
%APPDATA%\discord'\package.json
%APPDATA%\discord'\package-lock.json
%APPDATA%\discord'\node_need.vbs
%APPDATA%\discord'\node_modules\ws\readme.md
%APPDATA%\discord'\node_modules\ws\package.json
%APPDATA%\discord'\node_modules\screenshot-desktop\package.json
%APPDATA%\discord'\node_modules\wrappy\readme.md
%APPDATA%\discord'\node_modules\ws\lib\websocket-server.js
%APPDATA%\discord'\node_modules\ws\lib\validation.js
%APPDATA%\discord'\node_modules\ws\lib\stream.js
%APPDATA%\discord'\node_modules\ws\lib\sender.js
%APPDATA%\discord'\node_modules\ws\lib\receiver.js
%APPDATA%\discord'\node_modules\ws\lib\permessage-deflate.js
%APPDATA%\discord'\node_modules\ws\lib\limiter.js
%APPDATA%\discord'\node_modules\ws\lib\extension.js
%APPDATA%\discord'\node_modules\ws\lib\event-target.js
%APPDATA%\discord'\node_modules\ws\lib\constants.js
%APPDATA%\discord'\node_modules\ws\lib\buffer-util.js
%APPDATA%\discord'\node_modules\ws\lib\websocket.js
%APPDATA%\discord'\node_modules\ws\index.js
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\win32\screencapture_1.3.2.exe
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\win32\screencapture_1.3.2.bat
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\win32\index.js
%APPDATA%\discord'\node_modules\pinkie\index.js
%APPDATA%\discord'\node_modules\prism-media\src\core\ffmpeg.js
%APPDATA%\discord'\node_modules\prism-media\readme.md
%APPDATA%\discord'\node_modules\prism-media\package.json
%APPDATA%\discord'\node_modules\prism-media\license
%APPDATA%\discord'\node_modules\pinkie-promise\readme.md
%APPDATA%\discord'\node_modules\pinkie-promise\package.json
%APPDATA%\discord'\node_modules\pinkie-promise\license
%APPDATA%\discord'\node_modules\pinkie-promise\index.js
%APPDATA%\discord'\node_modules\pinkie\readme.md
%APPDATA%\discord'\node_modules\pinkie\package.json
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildpreview.js
%APPDATA%\discord'\node_modules\prism-media\src\core\volumetransformer.js
%APPDATA%\discord'\node_modules\path-is-absolute\readme.md
%APPDATA%\discord'\node_modules\path-is-absolute\package.json
%APPDATA%\discord'\node_modules\path-is-absolute\license
%APPDATA%\discord'\node_modules\path-is-absolute\index.js
%APPDATA%\discord'\node_modules\once\readme.md
%APPDATA%\discord'\node_modules\once\package.json
%APPDATA%\discord'\node_modules\once\once.js
%APPDATA%\discord'\node_modules\once\license
%APPDATA%\discord'\node_modules\node-fetch\readme.md
%APPDATA%\discord'\node_modules\node-fetch\package.json
%APPDATA%\discord'\node_modules\node-fetch\license.md
%APPDATA%\discord'\node_modules\pinkie\license
%APPDATA%\discord'\node_modules\rimraf\package.json
%APPDATA%\discord'\node_modules\prism-media\src\core\webmbase.js
%APPDATA%\discord'\node_modules\prism-media\src\opus\oggdemuxer.js
%APPDATA%\discord'\node_modules\prism-media\src\index.js
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\win32\app.manifest
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\utils.js
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\linux\index.js
%APPDATA%\discord'\node_modules\screenshot-desktop\lib\darwin\index.js
%APPDATA%\discord'\node_modules\screenshot-desktop\index.js
%APPDATA%\discord'\node_modules\screenshot-desktop\examples\multiscreens.js
%APPDATA%\discord'\node_modules\screenshot-desktop\examples\example.js
%APPDATA%\discord'\node_modules\screenshot-desktop\.travis.yml
%APPDATA%\discord'\node_modules\screenshot-desktop\.github\issue_template\feature_request.md
%APPDATA%\discord'\node_modules\screenshot-desktop\.github\issue_template\bug_report.md
%APPDATA%\discord'\node_modules\prism-media\src\opus\index.js
%APPDATA%\discord'\node_modules\rimraf\rimraf.js
%APPDATA%\discord'\node_modules\prism-media\src\core\index.js
%APPDATA%\discord'\node_modules\rimraf\license
%APPDATA%\discord'\node_modules\rimraf\bin.js
%APPDATA%\discord'\node_modules\prism-media\typings\vorbis.d.ts
%APPDATA%\discord'\node_modules\prism-media\typings\opus.d.ts
%APPDATA%\discord'\node_modules\prism-media\typings\index.d.ts
%APPDATA%\discord'\node_modules\prism-media\src\vorbis\webmdemuxer.js
%APPDATA%\discord'\node_modules\prism-media\src\vorbis\index.js
%APPDATA%\discord'\node_modules\prism-media\src\util\loader.js
%APPDATA%\discord'\node_modules\prism-media\src\opus\webmdemuxer.js
%APPDATA%\discord'\node_modules\prism-media\src\opus\opus.js
%APPDATA%\discord'\node_modules\rimraf\readme.md
%APPDATA%\discord'\node_modules\ws\license
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildmember.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\apimessage.js
%APPDATA%\discord'\node_modules\delayed-stream\makefile
%APPDATA%\discord'\node_modules\delayed-stream\license
%APPDATA%\discord'\node_modules\delayed-stream\lib\delayed_stream.js
%APPDATA%\discord'\node_modules\delayed-stream\.npmignore
%APPDATA%\discord'\node_modules\concat-map\test\map.js
%APPDATA%\discord'\node_modules\concat-map\readme.markdown
%APPDATA%\discord'\node_modules\concat-map\package.json
%APPDATA%\discord'\node_modules\concat-map\license
%APPDATA%\discord'\node_modules\concat-map\index.js
%APPDATA%\discord'\node_modules\concat-map\example\map.js
%APPDATA%\discord'\node_modules\concat-map\.travis.yml
%APPDATA%\discord'\node_modules\combined-stream\yarn.lock
%APPDATA%\discord'\node_modules\combined-stream\readme.md
%APPDATA%\discord'\node_modules\combined-stream\package.json
%APPDATA%\discord'\node_modules\combined-stream\license
%APPDATA%\discord'\node_modules\combined-stream\lib\combined_stream.js
%APPDATA%\discord'\node_modules\brace-expansion\readme.md
%APPDATA%\discord'\node_modules\brace-expansion\package.json
%APPDATA%\discord'\node_modules\brace-expansion\license
%APPDATA%\discord'\node_modules\brace-expansion\index.js
%APPDATA%\discord'\node_modules\balanced-match\readme.md
%APPDATA%\discord'\node_modules\balanced-match\package.json
%APPDATA%\discord'\node_modules\balanced-match\license.md
%APPDATA%\discord'\node_modules\delayed-stream\package.json
%APPDATA%\discord'\node_modules\delayed-stream\readme.md
%APPDATA%\discord'\node_modules\discord.js\.tern-project
%APPDATA%\discord'\node_modules\discord.js\esm\discord.mjs
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\invitecreate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildroleupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildrolespositionupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildroledelete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildrolecreate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildmemberremove.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildintegrationsupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildemojiupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildemojisupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildemojidelete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guilddelete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildemojicreate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildchannelspositionupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\guildbanremove.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\channelupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\channeldelete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\channelcreate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\actionsmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\action.js
%APPDATA%\discord'\node_modules\discord.js\readme.md
%APPDATA%\discord'\node_modules\discord.js\package.json
%APPDATA%\discord'\node_modules\discord.js\license
%APPDATA%\discord'\node_modules\discord.js\jsdoc.json
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\invitedelete.js
%APPDATA%\discord'\node_modules\balanced-match\index.js
%APPDATA%\discord'\node_modules\balanced-match\.npmignore
%APPDATA%\discord'\node_modules\asynckit\stream.js
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.js
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.d.ts
%APPDATA%\discord'\node_modules\abort-controller\browser.mjs
%APPDATA%\discord'\node_modules\abort-controller\browser.js
%APPDATA%\discord'\node_modules\@discordjs\form-data\readme.md
%APPDATA%\discord'\node_modules\@discordjs\form-data\package.json
%APPDATA%\discord'\node_modules\@discordjs\form-data\license
%APPDATA%\discord'\node_modules\@discordjs\form-data\lib\populate.js
%APPDATA%\discord'\node_modules\@discordjs\form-data\lib\form_data.js
%APPDATA%\discord'\node_modules\@discordjs\form-data\lib\browser.js
%APPDATA%\discord'\node_modules\@discordjs\form-data\index.d.ts
%APPDATA%\discord'\node_modules\@discordjs\collection\readme.md
%APPDATA%\discord'\node_modules\@discordjs\collection\package.json
%APPDATA%\discord'\node_modules\@discordjs\collection\license
%APPDATA%\discord'\node_modules\@discordjs\collection\dist\index.js
%APPDATA%\discord'\node_modules\@discordjs\collection\dist\index.d.ts
%APPDATA%\discord'\node_modules\.bin\rimraf.ps1
%APPDATA%\discord'\node_modules\.bin\rimraf.cmd
%APPDATA%\discord'\node_modules\.bin\rimraf
%APPDATA%\discord'\main.js
%APPDATA%\discord'\editer.bat
%APPDATA%\discord'\crash.bat
%APPDATA%\discord'\alert.txt
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.js.map
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.mjs
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.mjs.map
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.umd.js
%APPDATA%\discord'\node_modules\asynckit\serial.js
%APPDATA%\discord'\node_modules\asynckit\readme.md
%APPDATA%\discord'\node_modules\asynckit\parallel.js
%APPDATA%\discord'\node_modules\asynckit\package.json
%APPDATA%\discord'\node_modules\asynckit\license
%APPDATA%\discord'\node_modules\asynckit\lib\terminator.js
%APPDATA%\discord'\node_modules\asynckit\lib\streamify.js
%APPDATA%\discord'\node_modules\asynckit\lib\state.js
%APPDATA%\discord'\node_modules\asynckit\lib\readable_serial_ordered.js
%APPDATA%\discord'\node_modules\asynckit\lib\readable_serial.js
%APPDATA%\discord'\node_modules\asynckit\lib\readable_parallel.js
%APPDATA%\discord'\node_modules\asynckit\lib\iterate.js
%APPDATA%\discord'\node_modules\asynckit\lib\readable_asynckit.js
%APPDATA%\discord'\node_modules\asynckit\lib\defer.js
%APPDATA%\discord'\node_modules\asynckit\lib\async.js
%APPDATA%\discord'\node_modules\asynckit\lib\abort.js
%APPDATA%\discord'\node_modules\asynckit\index.js
%APPDATA%\discord'\node_modules\asynckit\bench.js
%APPDATA%\discord'\node_modules\abort-controller\readme.md
%APPDATA%\discord'\node_modules\abort-controller\polyfill.mjs
%APPDATA%\discord'\node_modules\abort-controller\polyfill.js
%APPDATA%\discord'\node_modules\abort-controller\package.json
%APPDATA%\discord'\node_modules\abort-controller\license
%APPDATA%\discord'\node_modules\abort-controller\dist\abort-controller.umd.js.map
%APPDATA%\discord'\node_modules\asynckit\serialordered.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagecreate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagedelete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagedeletebulk.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildmemberrolemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildmembermanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildemojirolemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildemojimanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\guildchannelmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\channelmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\basemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\index.js
%APPDATA%\discord'\node_modules\discord.js\src\errors\messages.js
%APPDATA%\discord'\node_modules\discord.js\src\errors\index.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\websocketshard.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\presencemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\websocketmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\webhooks_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\voice_state_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\voice_server_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\user_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\typing_start.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\resumed.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\ready.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\presence_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_update.js
%APPDATA%\discord'\node_modules\discord.js\src\errors\djserror.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildchannel.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\reactionmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildauditlogs.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\guild.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\emoji.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\dmchannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\clientuser.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\clientpresence.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\clientapplication.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\channel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\categorychannel.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\baseguildemoji.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\base.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_reaction_remove_emoji.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\messagemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\sharding\shardclientutil.js
%APPDATA%\discord'\node_modules\discord.js\src\sharding\shard.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\restmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\requesthandler.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\httperror.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\discordapierror.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\apirouter.js
%APPDATA%\discord'\node_modules\discord.js\src\rest\apirequest.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\voicestatemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\usermanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\rolemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\sharding\shardingmanager.js
%APPDATA%\discord'\node_modules\discord.js\src\managers\reactionusermanager.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_reaction_remove_all.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_reaction_remove.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_reaction_add.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\clientvoicemanager.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\util\secretbox.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\util\playinterface.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\receiver\receiver.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\receiver\packethandler.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\player\broadcastaudioplayer.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\player\baseplayer.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\player\audioplayer.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\networking\voicewebsocket.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\networking\voiceudpclient.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\dispatcher\streamdispatcher.js
%APPDATA%\discord'\node_modules\discord.js\src\structures\guildemoji.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\util\volumeinterface.js
%APPDATA%\discord'\node_modules\discord.js\src\client\client.js
%APPDATA%\discord'\node_modules\discord.js\src\client\baseclient.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\webhooksupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\voicestateupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\userupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\presenceupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messageupdate.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagereactionremoveemoji.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagereactionremoveall.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagereactionremove.js
%APPDATA%\discord'\node_modules\discord.js\src\client\actions\messagereactionadd.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\dispatcher\broadcastdispatcher.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_member_add.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\voicebroadcast.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\channel_create.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\voiceconnection.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_delete_bulk.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_delete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\message_create.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\invite_delete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\invite_create.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\index.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_role_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_role_delete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_role_create.js
%APPDATA%\discord'\node_modules\discord.js\src\client\webhookclient.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_member_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\voice\util\silence.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_members_chunk.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_integrations_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_emojis_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_delete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_create.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_ban_remove.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_ban_add.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\channel_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\channel_pins_update.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\channel_delete.js
%APPDATA%\discord'\node_modules\discord.js\src\client\websocket\handlers\guild_member_remove.js
%APPDATA%\discord'\worm.vbs

Удаляет следующие файлы

%TEMP%\8094.tmp\8095.tmp\8096.vbs

Другое

Ищет следующие окна

ClassName: '' WindowName: ''

Создает и запускает на исполнение

'<SYSTEM32>\wscript.exe' %TEMP%\8094.tmp\8095.tmp\8096.vbs //Nologo
'<SYSTEM32>\wscript.exe' %TEMP%\8094.tmp\8095.tmp\8096.vbs //Nologo' (со скрытым окном)
'<SYSTEM32>\taskkill.exe' /f /im node.exe' (со скрытым окном)
'<SYSTEM32>\taskkill.exe' /f /im cmd.exe' (со скрытым окном)
'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\steal.bat" "' (со скрытым окном)
'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\refresh.bat" "' (со скрытым окном)
'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\editer.bat" "' (со скрытым окном)

Запускает на исполнение

'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\steal.bat" "
'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\refresh.bat" "
'<SYSTEM32>\cmd.exe' /c ""%APPDATA%\discord'\editer.bat" "

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней