Техническая информация
- <SYSTEM32>\Com\LSASS.EXE
- C:\ntfsus.exe
- <SYSTEM32>\cmd.exe /c C:\ntfsus.exe.bat
- <SYSTEM32>\net1.exe start
- <SYSTEM32>\ping.exe -f -n 1 www.ba##u.com
- <SYSTEM32>\attrib.exe -a -r -s -h "C:\ntfsus.exe"
- <SYSTEM32>\cacls.exe <SYSTEM32>\com\LSASS.EXE /e /t /g %USERNAME%:F
- <SYSTEM32>\cacls.exe <SYSTEM32>\com /e /t /g %USERNAME%:F
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\com\netcfg.dll /s
- <SYSTEM32>\cacls.exe <SYSTEM32>\com\SMSS.EXE /e /t /g %USERNAME%:F
- <SYSTEM32>\dnsq.dll
- <SYSTEM32>\Com\netcfg.dll
- <SYSTEM32>\Com\LSASS.EXE
- C:\ntfsus.exe.bat
- <SYSTEM32>\Com\netcfg.000
- <SYSTEM32>\Com\SMSS.EXE
- %TEMP%\RarSFX0\Setup.exe
- C:\NetApi00.sys
- C:\ntfsus.exe
- <SYSTEM32>\Com\netcfg.dll
- <SYSTEM32>\dnsq.dll
- C:\ntfsus.exe
- <SYSTEM32>\Com\SMSS.EXE
- C:\NetApi00.sys
- <SYSTEM32>\Com\netcfg.000
- %TEMP%\RarSFX0\Setup.exe
- C:\ntfsus.exe
- C:\NetApi00.sys
- DNS ASK www.ba##u.com
- ClassName: '' WindowName: 'SREng ????'
- ClassName: '' WindowName: '@@????'
- ClassName: '#32770' WindowName: 'MCI Program Com Application'
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'XOR' WindowName: 'MSCTFIME SMSS'