Техническая информация
- '%WINDIR%\syswow64\taskkill.exe' /F /PID "1988"
- _7zipd.exe
- %ALLUSERSPROFILE%\_7zipd.exe
- %ALLUSERSPROFILE%\protonvpns.exe
- %ALLUSERSPROFILE%\_7zipd.exe
- 'google.com':443
- '7z##.mobi':80
- '7z##d.com':80
- '7z##e.com':80
- '7z##es.com':80
- 'ku##usi.org':80
- 'we####rwindows.pk':80
- 'google.com':443
- DNS ASK google.com
- DNS ASK 7z##.mobi
- DNS ASK 7z##d.com
- DNS ASK 7z##e.com
- DNS ASK 7z##es.com
- DNS ASK ku##usi.org
- DNS ASK we####rwindows.pk
- '%ALLUSERSPROFILE%\_7zipd.exe'
- '%ALLUSERSPROFILE%\protonvpns.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\Remove.bat" "1988" "%ALLUSERSPROFILE%\_7zipd.exe""' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\Remove.bat" "1988" "%ALLUSERSPROFILE%\_7zipd.exe""
- '%WINDIR%\syswow64\choice.exe' /C Y /N /D Y /T 3