Техническая информация
- '<SYSTEM32>\taskkill.exe' /F /IM firefox.exe
- '<SYSTEM32>\cmd.exe' /c Date /T
- '<SYSTEM32>\cmd.exe' /c TIME /T
- '<SYSTEM32>\find.exe' /I "nspr4.dll"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" <Полный путь к вирусу>"
- '<SYSTEM32>\cmd.exe' /c DIR /B /S "\Temp\" | FIND /I "nspr4.dll"
- '<SYSTEM32>\cmd.exe' /S /D /c" DIR /B /S "\Temp\" "
- firefox.exe
- %TEMP%\1.tmp\smime3.dll
- %TEMP%\1.tmp\softokn3.dll
- %TEMP%\1.tmp\plc4.dll
- %TEMP%\1.tmp\plds4.dll
- %TEMP%\1.tmp\MarshfieldClinicRootCA-G2.crt
- %TEMP%\1.tmp\certutil.exe
- %TEMP%\1.tmp\sqlite3.dll
- %TEMP%\1.tmp\ssl3.dll
- %TEMP%\1.tmp\nssutil3.dll
- %TEMP%\1.tmp\gtest132.dll
- %TEMP%\1.tmp\msvcr120.dll
- %TEMP%\1.tmp\2.bat
- %TEMP%\1.tmp\freebl3.dll
- %TEMP%\1.tmp\nssckbi.dll
- %TEMP%\1.tmp\nssdbm3.dll
- %TEMP%\1.tmp\nspr4.dll
- %TEMP%\1.tmp\nss3.dll
- ClassName: '' WindowName: ''