Техническая информация
- '%APPDATA%\temp\TopTool__TT05(downmemory).exe'
- '%APPDATA%\temp\toptool1.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\temp\toptool1.exe_del.bat" "
- '<SYSTEM32>\cmd.exe' /c ""<Полный путь к вирусу>_del.bat" "
- %WINDIR%\explorer.exe
- %APPDATA%\temp\toptool1.exe_del.bat
- %TEMP%\nsd6.tmp\nsSelfDel.dll
- %TEMP%\nsd6.tmp\nsCommands3.dll
- %TEMP%\nsf8.tmp\SelfDel.dll
- %TEMP%\nsf8.tmp\NSISdl.dll
- %TEMP%\nsf8.tmp\UAC.dll
- %APPDATA%\temp\TopTool__TT05(downmemory).exe
- %TEMP%\nsd3.tmp\nsCommands3.dll
- %APPDATA%\temp\toptool1.exe
- %TEMP%\nsn2.tmp
- %TEMP%\nsi5.tmp
- <Полный путь к вирусу>_del.bat
- %TEMP%\nsd3.tmp\nsSelfDel.dll
- %TEMP%\nsf8.tmp\SelfDel.dll
- %TEMP%\nsf8.tmp\NSISdl.dll
- %APPDATA%\temp\TopTool__TT05(downmemory).exe
- %TEMP%\nsf8.tmp\UAC.dll
- %APPDATA%\temp\toptool1.exe
- %TEMP%\nsd3.tmp\nsSelfDel.dll
- %TEMP%\nsd3.tmp\nsCommands3.dll
- %TEMP%\nsd6.tmp\nsSelfDel.dll
- %TEMP%\nsd6.tmp\nsCommands3.dll
- DNS ASK fi##.utilz.net