Technical Information
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- %APPDATA%\1.bat
- %APPDATA%\hack.sfx.exe
- %TEMP%\hack.exe
- %TEMP%\1.bat
- %TEMP%\qwerty.sfx.exe
- %TEMP%\qwerty.exe
- %TEMP%\AeegRCRJ.txt
- %APPDATA%\СЃhrРѕmРµ.exe
- %TEMP%\qwerty.exe
- %APPDATA%\СЃhrРѕmРµ.exe
- 'zi#####lyad.hopto.org':1412
- DNS ASK zi#####lyad.hopto.org
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\hack.sfx.exe' -p65as465vsdf16g51eertert -d%HOMEPATH%\Local Settings\Temp
- '%TEMP%\hack.exe'
- '%TEMP%\qwerty.sfx.exe' -pqwerty55 -d%HOMEPATH%\Local Settings\Temp
- '%TEMP%\qwerty.exe'
- '%APPDATA%\СЃhrРѕmРµ.exe'
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\1.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.bat" "
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'