Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '6f54e4bcc90f9aa995dc3c65a1070b0a' = '"%ProgramFiles%\sdsdg\dms.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '6f54e4bcc90f9aa995dc3c65a1070b0a' = '"%ProgramFiles%\sdsdg\dms.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\sdsdg\dms.exe' = '%ProgramFiles%\sdsdg\dms.exe:*:Enable...
- '%ProgramFiles%\sdsdg\FileDownloader.exe'
- '%ProgramFiles%\sdsdg\dms.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%ProgramFiles%\sdsdg\dms.exe" "dms.exe" ENABLE
- %ProgramFiles%\sdsdg\dms.exe
- %ProgramFiles%\sdsdg\FileDownloader.exe
- 'rs####9.ddns.net':2222
- DNS ASK rs####9.ddns.net
- ClassName: 'EDIT' WindowName: ''