Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\st1m.bat" "
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\attrib.exe'
- <SYSTEM32>\attrib.exe
- %TEMP%\st1m.bat
- 're###.mrbasic.com':80
- re###.mrbasic.com/pub/vok8u.avi
- DNS ASK re###.mrbasic.com
- ClassName: 'shell_traywnd' WindowName: '(null)'
- ClassName: 'foqtrgg' WindowName: 'ybetbwrynruqvrfjengsbtbbkgdkwxx erqxeyaggalvtwtxiywb'