Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '%WINDIR%\System\Dwnldr.exe'
- '<SYSTEM32>\cmd.exe' DEL /Q <SYSTEM32>\Test.cmd
- '<SYSTEM32>\reg.exe' ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Windows /t REG_SZ /d %WINDIR%\System\Dwnldr.exe /f
- '<SYSTEM32>\cmd.exe' <SYSTEM32>\Test.cmd
- <SYSTEM32>\Test.cmd
- <SYSTEM32>\Test.cmd
- '74.##5.232.51':443
- DNS ASK www.google.com