Техническая информация
- %TEMP%\temp385\Cloud SW.zp.exe
- %TEMP%\temp385\7za.exe x -t7z "%TEMP%\temp385\pack.7z" -o"%TEMP%\temp385"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\RarSFX0\Cloud SW.bat" "
- %TEMP%\RarSFX0\TEMP\IE\IErecovery.bat
- %TEMP%\RarSFX0\Cloud SW.bat
- <SYSTEM32>\Admin_test.txt
- %TEMP%\RarSFX0\TEMP\Clean\Clean.cmd
- %TEMP%\temp385\Cloud SW.zp.exe
- %TEMP%\temp385\7za.exe
- %TEMP%\aut1.tmp
- %TEMP%\temp385\pack.7z
- %TEMP%\aut2.tmp
- <SYSTEM32>\Admin_test.txt
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''