Техническая информация
- C:\hdsupdate\AppUpdate.exe "c:\hdsupdate\config.dll" start007
- <SYSTEM32>\cacls.exe ""%HOMEPATH%\Local Settings\Temp"" /T /P everyone:F
- <SYSTEM32>\net1.exe start W32Time
- <SYSTEM32>\cacls.exe ""%TEMP%\f1df8c41c94601cd090db545856cb2bc.dat"" /T /P everyone:N
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\f1df8c41c94601cd090db545856cb2bc.dat""
- <SYSTEM32>\sc.exe config W32Time start=auto
- <SYSTEM32>\sc.exe stop W32Time
- <SYSTEM32>\cmd.exe /c c:\hdsupdate\AppUpdate.exekoj.bat
- <SYSTEM32>\wscript.exe c:\kfdjqq\fniex.vbs
- C:\kfdjqq\fniex.vbs
- C:\hdsupdate\AppUpdate.exekoj.bat
- C:\hdsupdate\config.dll
- C:\hdsupdate\AppUpdate.exe
- C:\kfdjqq\fniex.vbs
- 'me#####yang.gicp.net':8020
- DNS ASK me#####yang.gicp.net