Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Browse' = 'C:\DirectX\templates1\SQLWriter.exe'
- '<SYSTEM32>\cmd.exe' /c move C:\DirectX\SQLWriter.exe C:\DirectX\templates1\
- '<SYSTEM32>\cmd.exe' /c attrib C:\DirectX +h +s
- '<SYSTEM32>\attrib.exe' C:\DirectX +h +s
- '<SYSTEM32>\cmd.exe' /c md C:\DirectX\templates1
- '<SYSTEM32>\cmd.exe' /c md C:\DirectX\Microsoft
- '<SYSTEM32>\cmd.exe' /c copy SQLWriter.exe C:\DirectX\
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: ''