Техническая информация
- <SYSTEM32>\cmd.exe /c "%TEMP%\~4.cmd"
- %TEMP%\~3.tmp
- %TEMP%\~4.cmd
- %TEMP%\nsy2.tmp\UserInfo.dll
- %TEMP%\nsy2.tmp\access40.dll
- %TEMP%\~4.cmd
- %TEMP%\~3.tmp
- 'www.wi###tep.com':80
- www.wi###tep.com/checknewversion/A180611492121A050676655656850508cf
- DNS ASK www.wi###tep.com
- ClassName: 'Shell_TrayWnd' WindowName: ''