Техническая информация
- %WINDIR%\regedit.exe /s "%PROGRAM_FILES%\Microsoft Common Express Files\Update.reg"
- <SYSTEM32>\ping.exe 127.0.0.1 -n 10
- <SYSTEM32>\cmd.exe /c afc9fe2f418b00a0.bat
- <Текущая директория>\afc9fe2f418b00a0.bat
- %PROGRAM_FILES%\Microsoft Common Express Files\Update.reg
- %PROGRAM_FILES%\ICBC_Safe-Phishing.dll
- ClassName: 'RegEdit_RegEdit' WindowName: ''