Техническая информация
- '%WINDIR%\Temp\ .exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\temp\Win\mata2.bat" "
- '<SYSTEM32>\wscript.exe' "%WINDIR%\temp\Win\invs.vbs" "%WINDIR%\temp\Win\mata2.bat
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\temp\Win\mata.bat
- %WINDIR%\Temp\Win\mata.bat
- %WINDIR%\Temp\ .exe
- %WINDIR%\Temp\Win\.bat
- %WINDIR%\Temp\Win\mata2.bat
- %WINDIR%\Temp\Win\rundll11-.txt
- %WINDIR%\Temp\Win\invs.vbs
- %WINDIR%\Temp\Win\.bat
- %WINDIR%\Temp\Win\rundll11-.txt
- %WINDIR%\Temp\Win\invs.vbs
- %WINDIR%\Temp\Win\mata2.bat
- %WINDIR%\Temp\Win\mata.bat
- 'iv####e.zapto.org':1604
- DNS ASK iv####e.zapto.org