Техническая информация
- %TEMP%\rJOduk8pce2ETzl.exe
- <SYSTEM32>\net1.exe stop "security center"
- <SYSTEM32>\net.exe stop "security center"
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\netsh.exe firewall set opmode mode-disable
- <SYSTEM32>\net1.exe stop sharedaccess
- <SYSTEM32>\net1.exe stop "wuauserv"
- <SYSTEM32>\net.exe stop "WinDefend"
- <SYSTEM32>\cmd.exe /c """%TEMP%\2.tmp\batchfile.bat"" "
- <SYSTEM32>\net1.exe stop "WinDefend"
- <SYSTEM32>\net.exe stop "wuauserv"
- <SYSTEM32>\taskkill.exe /f /t /im "MSASCui.exe"
- %TEMP%\2.tmp\batchfile.bat
- %TEMP%\1.tmp\b2e.exe
- %TEMP%\rJOduk8pce2ETzl.exe
- ClassName: '' WindowName: ''