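Техническая информация
(Подзаголовки разделов в этом фрагменте не сохранились: сначала перечислены командные строки запускаемых процессов, затем пути к файлам во временных и системных каталогах, в конце — запись с именем класса окна. Какие операции выполнялись с файлами (создание, изменение или удаление), из фрагмента не видно; повторяющиеся пути, вероятно, относятся к разным операциям.)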
- '<SYSTEM32>\msiexec.exe' -Embedding 32D7866EF1D047F50EF4BAD0DC51DBAA C
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\msiexec.exe' /i "<LS_APPDATA>\Downloaded Installations\{82DBE679-2A69-4BA3-AC22-75B9DB30D78E}\Antelope.msi" SETUPEXEDIR="<Текущая директория>" SETUPEXENAME="<Имя вируса>.exe"
- '<SYSTEM32>\msiexec.exe' /V
- %TEMP%\~3.tmp
- <LS_APPDATA>\Downloaded Installations\{82DBE679-2A69-4BA3-AC22-75B9DB30D78E}\Antelope.msi
- %TEMP%\40d4a.msi
- %TEMP%\MSI40d4b.LOG
- %TEMP%\MSI4.tmp
- %TEMP%\{5A3FC80A-6649-4FB6-88F4-AF39982BB280}\Antelope.msi
- %TEMP%\{5A3FC80A-6649-4FB6-88F4-AF39982BB280}\_ISMSIDEL.INI
- %TEMP%\{5A3FC80A-6649-4FB6-88F4-AF39982BB280}\Setup.INI
- %TEMP%\{5A3FC80A-6649-4FB6-88F4-AF39982BB280}\0x0409.ini
- %TEMP%\~2.tmp
- %TEMP%\~1.tmp
- %TEMP%\MSI4.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\~1.tmp
- %TEMP%\~2.tmp
- %TEMP%\~3.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''