Техническая информация
- <SYSTEM32>\exp32\services.exe
- <SYSTEM32>\attrib.exe +S +H <SYSTEM32>\exp32\services.exe
- %WINDIR%\regedit.exe <SYSTEM32>\exp32\winnet.reg
- <SYSTEM32>\regedt32.exe <SYSTEM32>\exp32\winnet.reg
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\conset.bat" "
- <SYSTEM32>\consetx.bat
- <SYSTEM32>\exp32\ctf.exe
- <SYSTEM32>\conset.bat
- <SYSTEM32>\exp32\winnet.reg
- <SYSTEM32>\exp32\services.exe
- 'ir#.##pher.co.il':6667
- DNS ASK ir#.##pher.co.il
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''