Техническая информация
- '%TEMP%\svchost.exe'
- '<SYSTEM32>\rundll32.exe' %TEMP%\fuck.dll MyLive
- '<SYSTEM32>\ping.exe' 127.1 -n 10
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\shovst.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\sovet.bat" "
- C:\a.txt
- %TEMP%\svchost.exe
- %WINDIR%\sovet.bat
- C:\a.txt в <SYSTEM32>\shovst.bat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'