Техническая информация
- 'C:\360SysRt\Leaking\0421.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\xcopy.exe' hosts <DRIVERS>\etc\ /y
- '<SYSTEM32>\attrib.exe' -r -a -s -h <DRIVERS>\etc\hosts
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\1.bat" "
- '<SYSTEM32>\cacls.exe' <DRIVERS>\etc\hosts /g everyone:f
- %TEMP%\1.tmp\1.bat
- C:\360SysRt\Leaking\0421.exe
- C:\360SysRt\Leaking\hosts
- <DRIVERS>\etc\hosts
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''