Техническая информация
- '%TEMP%\msdevd.exe'
- '<SYSTEM32>\wscript.exe' %TEMP%\\t_148187.vbs
- '<SYSTEM32>\wscript.exe' %TEMP%\\t_148750.vbs
- '<SYSTEM32>\wscript.exe' %TEMP%\\t_147671.vbs
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Del.bat" "
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- %TEMP%\t_147671.vbs
- %TEMP%\t_148187.vbs
- %TEMP%\t_148750.vbs
- %TEMP%\msdevd.exe
- %TEMP%\Del.dat
- %TEMP%\Del.bat
- %TEMP%\Del.dat
- 'vi#.#aqio.com':9999
- DNS ASK vi#.#aqio.com
- ClassName: 'Shell_TrayWnd' WindowName: ''