Техническая информация
- %TEMP%\RarSFX0\start.exe -p123123
- <SYSTEM32>\attrib.exe +H hosts
- <SYSTEM32>\cmd.exe /c ""<DRIVERS>\etc\start.bat" "
- <DRIVERS>\etc\afaqas
- <DRIVERS>\etc\start.bat
- %TEMP%\RarSFX0\start.exe
- %TEMP%\RarSFX0\start.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''