Technical Information
- 'C:\TEMP\Updates\AdobeUpdates.exe'
- 'C:\TEMP\Updates\wget.exe' http://19#.#8.173.226//AdobeUpdates.exe
- 'C:\TEMP\Updates\AdobeUpdates.exe' (downloaded from the Internet)
- '<SYSTEM32>\tasklist.exe'
- '<SYSTEM32>\find.exe' "rutserv.exe"
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- '<SYSTEM32>\ping.exe' -n 1 -w 5000 ya.ru
- '<SYSTEM32>\wscript.exe' "C:\TEMP\Updates\2.js"
- '<SYSTEM32>\cmd.exe' /c ""C:\TEMP\Updates\update_ie.bat" "
- '<SYSTEM32>\chcp.com' 1251
- C:\TEMP\Updates\update_ie.bat
- C:\TEMP\Updates\AdobeUpdates.exe
- C:\TEMP\Updates\wget.exe
- C:\TEMP\Updates\2.js
- '19#.#8.173.226':80
- 19#.#8.173.226//AdobeUpdates.exe
- DNS ASK ya.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''