Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Pre-Setting 368CueFX.lnk
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_iوJ.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_ىrز.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_едгد.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_Bъй.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_jر.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_ло.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_Kا.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_Cдг.vbs"
- '<SYSTEM32>\ping.exe' -n 1 www.google.com
- 'C:\Document\EhkgO\dwn_hDGbLV.exe'
- 'C:\Document\EhkgO\dwn_COCBGq.exe'
- %TEMP%\order_ىrز.vbs
- C:\Document\EhkgO\tik_inWvmR.txt
- %TEMP%\order_Kا.vbs
- C:\Document\EhkgO\tik_GrXmF.txt
- %TEMP%\order_едгد.vbs
- %TEMP%\order_Bъй.vbs
- %TEMP%\order_iوJ.vbs
- C:\Document\EhkgO\tik_zZyRo.txt
- C:\Document\EhkgO\wbs.txt
- C:\Document\wbs.txt
- C:\Document\sign231.txt
- C:\Document\EhkgO\dwn_COCBGq.exe
- %TEMP%\order_Cдг.vbs
- %TEMP%\order_jر.vbs
- %TEMP%\order_ло.vbs
- C:\Document\EhkgO\dwn_COCBGq.exe в C:\Document\EhkgO\dwn_hDGbLV.exe
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''