Техническая информация
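Окна средств мониторинга Sysinternals (File Monitor, Process Monitor, Registry Monitor), перечисленные по имени класса или заголовку; поиск таких окон обычно служит для обнаружения среды анализа:
- ClassName: 'FilemonClass', WindowName: ''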
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- Файловая операция (заголовок раздела в тексте утрачен; вероятно, перемещение файла): из <Полный путь к файлу> в <Текущая директория>\eodhoa50z6t3yjo.exe
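Сетевые соединения в формате 'хост':порт и DNS-запрос (имя домена в источнике частично скрыто символами ##):
- 'localhost':49173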
- 'localhost':49175
- 'localhost':49176
- 'ca##h.me':443
- DNS ASK ca##h.me
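Следующая группа окон включает отладчик x64dbg и дизассемблер IDA (назначение класса '18467-41' из текста страницы не ясно):
- ClassName: '18467-41' WindowName: ''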
- ClassName: '' WindowName: 'x64dbg'
- ClassName: '' WindowName: 'IDA: Quick start'
- ClassName: '' WindowName: 'ida64.exe'
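Запускаемые процессы: cmd.exe вызывает reg.exe для запроса раздела реестра VirtualDeviceDrivers; такой запрос может использоваться для проверки среды выполнения, а сама цепочка cmd.exe → reg.exe видна в журналах создания процессов:
- '<SYSTEM32>\cmd.exe' /c REG QUERY HKLM\SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers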
- '<SYSTEM32>\reg.exe' QUERY HKLM\SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers