Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Net client] 'Start' = '00000002'
- '<SYSTEM32>\st.exe'
- '<SYSTEM32>\attrib.exe' +r +h +s <SYSTEM32>\comand.drv
- '<SYSTEM32>\reg.exe' import st.reg
- '%WINDIR%\regedit.exe' /s st.reg
- '<SYSTEM32>\chcp.com' 1251
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 2323 system
- '<SYSTEM32>\attrib.exe' +r +h +s <SYSTEM32>\svсhost.exe
- <SYSTEM32>\system32.exe
- %TEMP%\a79980.bat
- <SYSTEM32>\comand.drv
- <SYSTEM32>\st.exe
- <SYSTEM32>\st.reg
- <SYSTEM32>\comand.drv
- %TEMP%\a79980.bat
- <SYSTEM32>\system32.exe
- %TEMP%\a79980.bat
- <SYSTEM32>\st.exe
- <SYSTEM32>\st.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''