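Техническая информация

Ниже перечислены артефакты, по-видимому зафиксированные при анализе образца: загрузка файлов по URL, запускаемые процессы с аргументами командной строки, пути к файлам и сетевые обращения (соединения на порт 443 и DNS-запросы). Заголовки подразделов в этом фрагменте отсутствуют, поэтому назначение отдельных групп строк (например, почему одни и те же пути во временных каталогах приведены дважды) по тексту однозначно не определяется. В сетевых записях часть символов доменных имён заменена на «#».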
- https://dl.kjposter.com/downloads/iexplore.exe как <Текущая директория>\iexplore.exe
- '<SYSTEM32>\taskkill.exe' /F /IM autoposter.exe
- %TEMP%\nsn53ea.tmp\system.dll
- <Текущая директория>\cap.log
- %WINDIR%\temp\cabe85c.tmp
- %WINDIR%\temp\tare86d.tmp
- %WINDIR%\temp\cabfdc2.tmp
- %WINDIR%\temp\tarfdd2.tmp
- %WINDIR%\temp\cabfde3.tmp
- %WINDIR%\temp\tarfde4.tmp
- %WINDIR%\temp\cabe85c.tmp
- %WINDIR%\temp\tare86d.tmp
- %WINDIR%\temp\cabfdc2.tmp
- %WINDIR%\temp\tarfdd2.tmp
- %WINDIR%\temp\cabfde3.tmp
- %WINDIR%\temp\tarfde4.tmp
- %TEMP%\nsn53ea.tmp\system.dll
- 'dl.##poster.com':443
- 'cl###ster.com':443
- 'dl.##poster.com':443
- DNS ASK dl.##poster.com
- DNS ASK cl###ster.com
- '<SYSTEM32>\timeout.exe' /T 3
- '<SYSTEM32>\bitsadmin.exe' /transfer mj /download /priority FOREGROUND https://claposter.com/downloads/autoposter.exe "<Текущая директория>\0-autoposter.exe"
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\Start.bat 333
- '<SYSTEM32>\cmd.exe' /c timeout /t 1 & TASKKILL /F /IM autoposter.exe & ren <Текущая директория>\autoposter.exe ~autoposter.exe & copy /y 0-autoposter.exe autoposter.exe
- '<SYSTEM32>\timeout.exe' /t 1