Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'd1e7df4d64bf6cb42e9995058140a9a9' = '"%ALLUSERSPROFILE%\WIn-7.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'd1e7df4d64bf6cb42e9995058140a9a9' = '"%ALLUSERSPROFILE%\WIn-7.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\d1e7df4d64bf6cb42e9995058140a9a9.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ALLUSERSPROFILE%\WIn-7.exe' = '%ALLUSERSPROFILE%\WIn-7.exe:*:Enabled:...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%ALLUSERSPROFILE%\WIn-7.exe" "WIn-7.exe" ENABLE
- %ALLUSERSPROFILE%\WIn-7.exe
- 'an#####aoui49.ddns.net':5552
- DNS ASK an#####aoui49.ddns.net
- '%ALLUSERSPROFILE%\WIn-7.exe'