Техническая информация
- '<SYSTEM32>\ntvdm.exe' -f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZSfx000.cmd" "
- '<SYSTEM32>\wscript.exe' "%PROGRAM_FILES%\wiin.vbs"
- %PROGRAM_FILES%\tmp11
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\7ZSfx000.cmd
- %PROGRAM_FILES%\Se2b.bat
- %PROGRAM_FILES%\wiin.vbs
- %TEMP%\7ZSfx000.cmd
- %PROGRAM_FILES%\wiin.vbs
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b58.b64.380001'