Техническая информация
- '<SYSTEM32>\C0NIME.exe'
- '%WINDIR%\sleep.exe' 5000
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\C0NIME.bat
- <SYSTEM32>\C0NIME.bat
- <SYSTEM32>\C0NIME.exe
- %TEMP%\~DF8A9A.tmp
- '22#.#14.216.46':60533
- ClassName: '(null)' WindowName: '????'
- ClassName: '(null)' WindowName: 'frmKAInteractive'
- ClassName: '(null)' WindowName: 'Windows ????'