Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '76d7806f2b7acb51b4a367c927968a2e' = '"%TEMP%\saif.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '76d7806f2b7acb51b4a367c927968a2e' = '"%TEMP%\saif.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\saif.exe' = '%TEMP%\saif.exe:*:Enabled:saif.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\saif.exe" "saif.exe" ENABLE
- '%TEMP%\saif.exe'
- %TEMP%\saif.exe
- 'sa#####ra201.ddns.net':1177
- DNS ASK sa#####ra201.ddns.net