Техническая информация
- '%WINDIR%\nview\wget.exe' -i lsass.dll --continue
- '<SYSTEM32>\taskkill.exe' /f /im rabr.exe
- '<SYSTEM32>\taskkill.exe' /f /im inst.exe
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\nview\runer.bat" "
- '<SYSTEM32>\taskkill.exe' /f /im nvst.exe
- %WINDIR%\nview\frame.dll
- %WINDIR%\nview\nvst.exe
- %WINDIR%\nview\lsass.dll
- %WINDIR%\nview\runer.bat
- %WINDIR%\nview\wget.exe
- 'sa###a.ezua.com':80
- sa###a.ezua.com/nvst.exe
- DNS ASK sa###a.ezua.COM
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'