Техническая информация
- '<SYSTEM32>\cmd.exe' /c C:\Kav2.bat
- '<SYSTEM32>\cmd.exe' /c C:\Kav1.bat
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\start.bat
- <SYSTEM32>\PQKG102.dat
- <SYSTEM32>\AOSMTP.dll
- <SYSTEM32>\KTKBDHK.DLL
- \Device\LanmanRedirector\127.0.0.1\PIPE\wkssvc
- %WINDIR%\start.bat
- C:\Kav1.bat
- C:\Kav2.bat
- %WINDIR%\start.bat
- C:\Kav2.bat
- C:\Kav1.bat
- 'localhost':445