Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- 'C:\RECYCLER\cmd.exe150453tem.exe'
- 'C:\RECYCLER\cmd.exe' /c regedit /s c:\recycler\cmd.execyl.txt
- 'C:\RECYCLER\cmd.exe' /c copy /b c:\recycler\cmd.exe150453tem.exe3.txt+c:\recycler\cmd.exe150453cnna.txt c:\recycler\cmd.exe150453tem.exe
- 'C:\RECYCLER\cmd.exe' /cc:\recycler\cmd.exe150453tem.exe
- '%WINDIR%\regedit.exe' /s c:\recycler\cmd.execyl.txt
- C:\RECYCLER\recyl.exe157265cnna.txt
- C:\RECYCLER\recyl.exe
- C:\RECYCLER\cmd.execyl.txt
- <SYSTEM32>\Iasid.dll.right.tlb
- <SYSTEM32>\Iasid.dll.move.tlb
- C:\RECYCLER\cmd.exe150453cnna.txt
- C:\RECYCLER\cmd.exe
- C:\RECYCLER\cmd.exe150453tem.exe3.txt
- C:\RECYCLER\cmd.exetem.tem
- C:\RECYCLER\cmd.exe150453tem.exe
- C:\RECYCLER\recyl.exe157265cnna.txt в <SYSTEM32>\Iasid.dll