Техническая информация
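- Командная строка запуска (пакетному файлу 2B.cmd в качестве аргумента передаётся путь к самому образцу): '<SYSTEM32>\cmd.exe' /C ""%TEMP%\2B.cmd" "<Полный путь к вирусу>""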
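Файловые пути, связанные с образцом (тип операции — создание, изменение или удаление — в этом фрагменте не указан; путь к Stoned Infector.exe встречается дважды и, вероятно, относился к разным подразделам исходного описания):
- C:\Stoned\Stoned Infector.exe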
- C:\Stoned\Drivers\Black Hat Europe 2007 Vipin Kumar POC.sys
- %TEMP%\2B.cmd
- C:\Stoned\Master Boot Record.bak
- C:\Stoned\Applications\Hibernation File Attack.sys
- C:\Stoned\Applications\Forensic Lockdown Software.sys
- C:\Stoned\Applications\Windows.sys
- C:\Stoned\Applications\Sinowal Loader.sys
- C:\Stoned\Stoned Infector.exe
- Окно, к которому обращается образец (Shell_TrayWnd — класс окна панели задач Windows): ClassName: 'Shell_TrayWnd' WindowName: '(null)'