Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '%USERNAME%' = '%HOMEPATH%\%USERNAME%.exe /i'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\explorer.exe' = '%WINDIR%\explorer.exe:*:Enabled:ENABLE'
- '%HOMEPATH%\%USERNAME%.exe' /r
- '<SYSTEM32>\netsh.exe' firewall set allowedprogram "%WINDIR%\Explorer.EXE" ENABLE
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\%USERNAME%.exe
- %HOMEPATH%\%USERNAME%.exe
- '69.##.67.194':80
- 69.##.67.194/40E8001431313030303030303030303030303030303031306C0000000A66000000007600000642EB00053041B931A1
- '20#.#18.231.162':5050
- ClassName: 'Indicator' WindowName: ''