Техническая информация
- '%ProgramFiles%\internet explorer\iexplore.exe' http://www.fo##ar.com/test.php
- %HOMEPATH%\shellcodefile.txt
- http://www.fo##ar.com/test.php
- DNS ASK fo##ar.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'Static' WindowName: ''
- '%ProgramFiles%\internet explorer\iexplore.exe' http://www.fo##ar.com/test.php' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /C C: && cd "%LOCALAPPDATA%" && dir . /s /b | find "test" > "%HOMEPATH%\shellcodefile.txt"' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /C C: && cd "%LOCALAPPDATA%" && dir . /s /b | find "test" > "%HOMEPATH%\shellcodefile.txt"
- '<SYSTEM32>\cmd.exe' /S /D /c" dir . /s /b "
- '<SYSTEM32>\find.exe' "test"