Техническая информация
- '<SYSTEM32>\gecryptete.exe'
- '<SYSTEM32>\ntvdm.exe' -f -i1
- %TEMP%\server.exe
- <SYSTEM32>\crypted.exe
- %WINDIR%\Temp\scs4.tmp
- %WINDIR%\Temp\scs3.tmp
- %TEMP%\aut1.tmp
- <SYSTEM32>\gecryptete.exe
- %TEMP%\aut2.tmp
- <SYSTEM32>\Crypt.dll
- %TEMP%\server.exe
- %WINDIR%\Temp\scs3.tmp
- %WINDIR%\Temp\scs4.tmp
- <SYSTEM32>\crypted.exe
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- <SYSTEM32>\Crypt.dll
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-c6c.c70.380001'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''