Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'System' = '%APPDATA%\skype.exe'
- C:\Extracted\testports.exe
- %APPDATA%\skype.exe
- C:\Extracted\Server.exe
- <SYSTEM32>\netsh.exe advfirewall firewall add rule action=allow profile=any protocol=any enable=yes direction=in name=Win2y2 program="%APPDATA%\skype.exe"
- <SYSTEM32>\netsh.exe advfirewall firewall add rule action=allow profile=any protocol=any enable=yes direction=out name=Win2y2 program="%APPDATA%\skype.exe"
- C:\Extracted\testports.exe
- %APPDATA%\skype.exe
- %TEMP%\sfx.ini
- C:\Extracted\Server.exe
- %TEMP%\sfx.ini
- 'ho####2.sytes.net':1158
- DNS ASK ho####2.sytes.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''