Техническая информация
- '<SYSTEM32>\cmd.exe' /c afc9fe2f418b00a0.bat
- '<SYSTEM32>\rundll32.exe' "%WINDIR%\WINDOWSS.INI",main
- '<SYSTEM32>\wscript.exe' %WINDIR%\vbs.vbs
- %WINDIR%\vbs.vbs
- <Текущая директория>\afc9fe2f418b00a0.bat
- %WINDIR%\WINDOWSS.INI
- %WINDIR%\start.vbs
- %WINDIR%\vbs.vbs
- 'li#####g13148.3322.org':8091
- DNS ASK li#####g13148.3322.org