Техническая информация
- <SYSTEM32>\cmd.exe /c <Текущая директория>\_tmp.bat
- <SYSTEM32>\regsvr32.exe "%PROGRAM_FILES%\Scpad\scpMIB32.dll" /s
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\boцtongif[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\boцtongif[1]
- %PROGRAM_FILES%\Scpad\AiodLite
- <Текущая директория>\_tmp.bat
- %WINDIR%\infosцpi.dll
- %PROGRAM_FILES%\Scpad\scpMIB32.dll
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\e8c76afd3b86e53d6a4b975ffdd70b7a_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- %APPDATA%\Microsoft\Protect\S-1-5-21-1275210071-117609710-1801674531-500\6372513d-3bbc-44de-8926-5f25690ace82
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\toцgif[1]
- %PROGRAM_FILES%\Scpad\scpMIB32.dll_
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\toцgif[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\boцtongif[1]
- %PROGRAM_FILES%\Scpad\scpMIB32.dll_
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\toцgif[1]
- 'sa####?ino.kit.ne??':80
- sa####?ino.kit.ne??/z/bo?to####
- sa####?ino.kit.ne??/z/to?gi#