Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'bf4c85b3c44d7f79eef6edfc15854f9f' = '"%TEMP%\svlocal.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bf4c85b3c44d7f79eef6edfc15854f9f' = '"%TEMP%\svlocal.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\svlocal.exe' = '%TEMP%\svlocal.exe:*:Enabled:svlocal.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\svlocal.exe" "svlocal.exe" ENABLE
- '%TEMP%\svlocal.exe'
- %TEMP%\svlocal.exe
- 'fr####c.no-ip.org':7788
- DNS ASK fr####c.no-ip.org