Техническая информация
- <SYSTEM32>\C0NFIG.EXE
- <SYSTEM32>\ARAR.exe
- <SYSTEM32>\ftp.exe -s:c:\1.txt
- <SYSTEM32>\net1.exe stop sharedaccess
- <SYSTEM32>\net.exe stop sharedaccess
- %TEMP%\bt1787.bat
- C:\1.txt
- <SYSTEM32>\ARAR.exe
- <SYSTEM32>\C0NFIG.EXE
- <SYSTEM32>\ARAR.dll
- <SYSTEM32>\ARAR.exe
- %TEMP%\bt1787.bat
- <SYSTEM32>\C0NFIG.EXE
- <SYSTEM32>\ARAR.dll
- %TEMP%\bt1787.bat
- C:\1.txt
- 'fe####7.3322.org':21
- 'localhost':1036
- DNS ASK fe####7.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''