Техническая информация
- '%HOMEPATH%\Desktop\MonExe.exe'
- '<SYSTEM32>\attrib.exe' "%HOMEPATH%\Desktop" +s +h
- '<SYSTEM32>\attrib.exe' "%HOMEPATH%\Desktop\MonExe.exe" +s +h
- '<SYSTEM32>\notepad.exe'
- <SYSTEM32>\notepad.exe
- %HOMEPATH%\Desktop\MonExe.exe
- %HOMEPATH%\Desktop\MonExe.exe
- 'dd######stealer.no-ip.org':1500
- DNS ASK dd######stealer.no-ip.org
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: '#32770' WindowName: '(null)'
- ClassName: '#32770' WindowName: '<Служебное имя>'