Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Theme] 'Start' = '00000002' (значение 2 — автоматический запуск службы Theme при загрузке системы)
- <SYSTEM32>\cmd.exe /c ""%TEMP%\3641.bat" "
- <SYSTEM32>\ping.exe 1.0.0.1 -n
- <SYSTEM32>\svchost.exe -k netsvc
- <SYSTEM32>\rundll32.exe "%APPDATA%\Common Files\System\zh-CN\comctl32.dll",RundllInstall Theme
- <SYSTEM32>\net1.exe start Theme
- %APPDATA%\Common Files\System\zh-CN\userinfo.ini
- %TEMP%\3641.bat
- %APPDATA%\Common Files\System\zh-CN\comctl32.dll
- %APPDATA%\Common Files\System\zh-CN\sen.dll
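- 'ts##.#cakknow.com':8172 (узел и порт; символы # в имени, по-видимому, заменяют скрытые знаки, поэтому строка не годится для точного сопоставления)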
- DNS-запрос: ts##.#cakknow.com