Техническая информация
- %TEMP%\Stage1.exe
- %WINDIR%\WispTis_x86.exe
- %TEMP%\Crypted.exe
- %TEMP%\Stage2.exe x -y -o%HOMEPATH%\Local Settings\Temp -pxnq8rPMxVI87ciGwWJHxRTy3iauHcIirteOOELv3B5vkS9kJoHBUAahY1dWxj8yA
- <SYSTEM32>\ping.exe -n 1 localhost
- <SYSTEM32>\cmd.exe /c ""%TEMP%\melt.bat" "
- %WINDIR%\WispTis_x86.exe
- %TEMP%\melt.bat
- %TEMP%\Stage1.exe
- %TEMP%\Crypted.exe
- %TEMP%\Stage2.exe
- %TEMP%\Stage1.exe