Техническая информация
- %WINDIR%\regedit.exe -ea C:\pass\MailAgent\reg\agent.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins2
- <SYSTEM32>\attrib.exe C:\pass +h +s +r
- %WINDIR%\regedit.exe -ea C:\pass\MailAgent\reg\agent_3.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins3
- <SYSTEM32>\xcopy.exe Mra\Update\ver.txt C:\pass\MailAgent /K /H /G /Q /R /S /Y
- <SYSTEM32>\xcopy.exe Mra\Base C:\pass\MailAgent /K /H /G /Q /R /S /Y /E
- <SYSTEM32>\taskkill.exe /f /im opera.exe
- <SYSTEM32>\cmd.exe /c System.bat
- <SYSTEM32>\taskkill.exe /f /im firefox.exe
- <SYSTEM32>\attrib.exe %WINDIR%\wincs +h +s +r
- <SYSTEM32>\taskkill.exe /f /im chrome.exe
- chrome.exe
- firefox.exe
- opera.exe
- C:\pass\Mozilla\key3.db
- C:\pass\Mozilla\signons.sqlite
- C:\pass\Googlх\cookies.sqlite
- %APPDATA%\System.bat
- %TEMP%\nsm2.tmp\ExecDos.dll
- C:\pass\Mozilla\cookies.sqlite
- C:\pass\Mozilla\signons.sqlite
- <SYSTEM32>\svchost.exe
- C:\pass\Mozilla\key3.db
- C:\pass\Googlх\cookies.sqlite
- C:\pass\Mozilla\cookies.sqlite
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''