Техническая информация
- %HOMEPATH%\wuji\wripten.exe
- %HOMEPATH%\wuji\servce.exe
- %HOMEPATH%\wuji\tq.exe
- <SYSTEM32>\wscript.exe "%HOMEPATH%\wuji\1.vbs"
- <SYSTEM32>\taskkill.exe /f /im cmd.exe
- <SYSTEM32>\cmd.exe /c del "%HOMEPATH%\wuji\1.bat"
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\netsh.exe firewall set opmode disable
- <SYSTEM32>\net1.exe stop sharedaccess
- C:\Documents and Settings\32488.exe
- %HOMEPATH%\wuji\1.vbs
- %HOMEPATH%\wuji\wripten.exe
- %HOMEPATH%\wuji\servce.exe
- %HOMEPATH%\wuji\tq.exe
- %HOMEPATH%\wuji\1.vbs
- 'af#####815.meibu.net':27835
- DNS ASK af#####815.meibu.net
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''