Техническая информация
- '<SYSTEM32>\xcopy.exe' hosts.txt <DRIVERS>\etc\ /y
- '<SYSTEM32>\attrib.exe' -r -a -s -h <DRIVERS>\etc\hosts
- '<SYSTEM32>\cacls.exe' <DRIVERS>\etc\hosts /g everyone:n
- '<SYSTEM32>\attrib.exe' +r +a +s +h <DRIVERS>\etc\hosts
- '<SYSTEM32>\conhost.exe'
- '<SYSTEM32>\WScript.exe' "C:\360Rec123\1.vbs"
- '<SYSTEM32>\cacls.exe' <DRIVERS>\etc\hosts /g everyone:f
- '<SYSTEM32>\taskkill.exe' /F /IM conime.exe
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- C:\360Rec123\1.bat
- C:\360Rec123\hosts.txt
- C:\360Rec123\1.vbs
- <DRIVERS>\etc\hosts
- <DRIVERS>\etc\hosts
- '22#.0.0.252':5355