Техническая информация
- C:\hdsupdate\AppUpdate.exe
- <SYSTEM32>\net1.exe start W32Time
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\c3fc3e5ecdaddce4aac4e4f7927103f3.dat""
- <SYSTEM32>\cacls.exe ""%TEMP%\c3fc3e5ecdaddce4aac4e4f7927103f3.dat"" /T /P everyone:N
- <SYSTEM32>\wscript.exe c:\hdsupdate\AppUpdate.exesxv.vbs
- <SYSTEM32>\cmd.exe /c c:\hdsupdate\AppUpdate.exeirm.bat
- <SYSTEM32>\cacls.exe ""%HOMEPATH%\Local Settings\Temp"" /T /P everyone:F
- C:\hdsupdate\AppUpdate.exesxv.vbs
- C:\hdsupdate\AppUpdate.exeirm.bat
- C:\hdsupdate\config
- C:\hdsupdate\AppUpdate.exe
- C:\hdsupdate\AppUpdate.exesxv.vbs
- 'in###7.3322.org':8185
- DNS ASK in###7.3322.org