Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wuaclt.exe' = '%WINDIR%\postal_tarjeta.bat'
- '<SYSTEM32>\attrib.exe' <DRIVERS>\etc\hosts +r +h
- '<SYSTEM32>\ipconfig.exe' /flushdns
- '<SYSTEM32>\reg.exe' ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v wuaclt.exe /t REG_SZ /d "%WINDIR%\postal_tarjeta.bat" /f
- '<SYSTEM32>\attrib.exe' %WINDIR%\video_tarjeta.bat +r +h
- '<SYSTEM32>\attrib.exe' <DRIVERS>\etc\hosts -r -h -s
- '<SYSTEM32>\attrib.exe' <DRIVERS>\etc\service2 +r +h
- %WINDIR%\video_tarjeta.bat
- %TEMP%\a28231.bat
- %WINDIR%\video_tarjeta.bat
- %TEMP%\a28231.bat
- %TEMP%\a28231.bat
- <DRIVERS>\etc\hosts в <DRIVERS>\etc\service2