Техническая информация
- '<SYSTEM32>\taskkill.exe' /im explorer.exe /f
- '<SYSTEM32>\taskkill.exe' /f /im FortniteClient-Win64-Shipping_EAC.exe
- '<SYSTEM32>\taskkill.exe' /f /im FortniteClient-Win64-Shipping.exe
- '<SYSTEM32>\taskkill.exe' /f /im FortniteClient-Win64-Shipping_BE.exe
- '<SYSTEM32>\taskkill.exe' /f /im FortniteLauncher.exe
- '<SYSTEM32>\taskkill.exe' /f /im EpicGamesLauncher.exe
- %WINDIR%\explorer.exe
- <SYSTEM32>\cmd.exe
- %TEMP%\8f15.tmp\8f16.tmp\8f26.bat
- nul
- %TEMP%\~tmpsendkeystemp.vbs
- C:\t
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cscript.exe' //nologo "%TEMP%\~tmpSendKeysTemp.vbs"
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\8F15.tmp\8F16.tmp\8F26.bat <Полный путь к файлу>"
- '<SYSTEM32>\net.exe' FILE
- '<SYSTEM32>\net1.exe' FILE
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Set-MpPreference -DisableRealtimeMonitoring 1
- '<SYSTEM32>\timeout.exe' 5
- '<SYSTEM32>\timeout.exe' 1
- '<SYSTEM32>\timeout.exe' 3
- '<SYSTEM32>\reg.exe' add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography" /v "MachineGuid" /t REG_SZ /d "2429928181973711351319632006229348347" /f
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\SOFTWARE\Epic Games\Unreal Engine\Identifiers" /v "AccountId" /t REG_SZ /d "24157127604038846778316202245930675" /f
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\SOFTWARE\Epic Games\Unreal Engine\Identifiers" /v "MachineId" /t REG_SZ /d "1030361612759021461194721114869914671" /f
- '<SYSTEM32>\attrib.exe' +s +h %TEMP%\604128953920314341301773653
- '<SYSTEM32>\timeout.exe' 2