Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\serve.exe' = '%TEMP%\serve.exe:*:Enabled:serve.exe'
- '%TEMP%\serve.exe'
- '%TEMP%\RarSFX0\SORRISO.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\serve.exe" "serve.exe" ENABLE
- %TEMP%\RarSFX0\SORRISO.exe
- %TEMP%\RarSFX0\SORRISO.exe
- 'fb###a.ddns.net':1052
- DNS ASK fb###a.ddns.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''