Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\6be0f46d229447fac3ece2017ee05ea3.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\System.exe' = '%TEMP%\System.exe:*:Enabled:System.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\System.exe" "System.exe" ENABLE
- '%TEMP%\System.exe'
- '%TEMP%\Application PC.exe'
- %TEMP%\System.exe
- %TEMP%\Application PC.exe
- %TEMP%\xf-adsk2018_x64v3.exe
- 'ka####.selfip.net':49123
- DNS ASK ka####.selfip.net