Technical information
- '<SYSTEM32>\pang.exe'
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\1.bat
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen <SYSTEM32>\mn.jpg
- '<SYSTEM32>\cmd.exe' /c 2.bat
- Handler library for all processes: %WINDIR%\help\B41346EFA848.dll
- C:\2.hiv
- C:\1.hiv
- %WINDIR%\1.bat
- %WINDIR%\Help\B41346EFA848.exe
- %WINDIR%\Help\B41346EFA848.dll
- <SYSTEM32>\mn.JPG
- <SYSTEM32>\pang.exe
- <SYSTEM32>\2.bat
- %HOMEPATH%\Recent\system32.lnk
- %HOMEPATH%\Recent\mn.lnk
- %WINDIR%\Help\B41346EFA848.exe
- %WINDIR%\Help\B41346EFA848.dll
- <SYSTEM32>\pang.exe
- C:\2.hiv
- C:\1.hiv
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''