Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'aea964f0a34c1f3ec30cd7fd54bc3a6e' = '"%TEMP%\AvasPro.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'aea964f0a34c1f3ec30cd7fd54bc3a6e' = '"%TEMP%\AvasPro.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\aea964f0a34c1f3ec30cd7fd54bc3a6e.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\AvasPro.exe' = '%TEMP%\AvasPro.exe:*:Enabled:AvasPro.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\AvasPro.exe" "AvasPro.exe" ENABLE
- '%TEMP%\AvasPro.exe'
- %TEMP%\AvasPro.exe
- 'ko###m.ddns.net':3557
- DNS ASK ko###m.ddns.net