Техническая информация
- <SYSTEM32>\attrib.exe +s +h +r <DRIVERS>\etc\hosts
- <SYSTEM32>\attrib.exe -a -s -h -r %WINDIR%\hosts
- <SYSTEM32>\attrib.exe +s +h +r <DRIVERS>\hosts
- <SYSTEM32>\attrib.exe +s +h +r %WINDIR%\hosts
- <SYSTEM32>\attrib.exe +s +h +r <SYSTEM32>\hosts
- <SYSTEM32>\taskkill.exe /f /IM winrun.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\cord.bat""
- <SYSTEM32>\attrib.exe -a -s -h -r <DRIVERS>\etc\hosts
- <SYSTEM32>\attrib.exe -a -s -h -r <SYSTEM32>\hosts
- <SYSTEM32>\attrib.exe -a -s -h -r <DRIVERS>\hosts
- %TEMP%\1.tmp\cord.bat
- <DRIVERS>\etc\host
- %TEMP%\1.tmp\b2e
- %TEMP%\1.tmp\binaries.txt
- %TEMP%\1.tmp\cord.bat
- %TEMP%\1.tmp\b2e.dll
- <DRIVERS>\etc\hosts
- %TEMP%\1.tmp\binaries.txt
- %TEMP%\1.tmp\b2e
- ClassName: '' WindowName: ''