Техническая информация
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'pngfile'
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my pictures"
- <SYSTEM32>\net1.exe start "messenger"
- <SYSTEM32>\net1.exe send * "Spammed Message"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\Joker.bat""
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my music"
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my videos"
- \Device\LanmanRedirector\WORKGROUP\MAILSLOT\MESSNGR
- %TEMP%\1.tmp\Joker.bat