Техническая информация
- '<SYSTEM32>\sc.exe' start sharedaccess
- '<SYSTEM32>\alg.exe'
- '<SYSTEM32>\ftp.exe' -s:%WINDIR%\c5.dat
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\win21.bat" "
- '<SYSTEM32>\sc.exe' stop sharedaccess
- %WINDIR%\c5.dat
- %TEMP%\1.tmp\win21.bat
- %WINDIR%\c5.dat
- 'localhost':1038
- DNS ASK www.mm##23.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'