Техническая информация
- '%TEMP%\1.tmp\b2e.exe' %TEMP%\1.tmp\b2e.exe <Текущая директория> <Полный путь к вирусу>
- '<SYSTEM32>\net1.exe' stop "dns server"
- '<SYSTEM32>\net.exe' stop "dns server"
- '<SYSTEM32>\net.exe' stop "remote access auto connection manager"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\selfdel0.bat" "
- '<SYSTEM32>\net1.exe' stop "remote access auto connection manager"
- '<SYSTEM32>\net.exe' stop "dhcp server"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2.tmp\batchfile.bat" "
- '<SYSTEM32>\net1.exe' stop "dhcp server"
- '<SYSTEM32>\net1.exe' stop "dhcp client"
- '<SYSTEM32>\net.exe' stop "dhcp client"
- %TEMP%\selfdel0.bat
- %TEMP%\2.tmp\batchfile.bat
- %TEMP%\1.tmp\b2e.exe
- %TEMP%\1.tmp\b2e.exe
- %TEMP%\2.tmp\batchfile.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''