Technical information
- 'ap#.###ferstealer.com':80
- 'gr###opia1.com':80
- http://ap#.###ferstealer.com/system/itemprice
- http://ap#.###ferstealer.com/SurferLicense/IVindex
- http://gr###opia1.com/growtopia/server_data.php
- DNS ASK ap#.###ferstealer.com
- DNS ASK gr###opia1.com
- ClassName: '' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c netstat -ano | findstr 0.0.0.0:80 > nul
- '%WINDIR%\syswow64\netstat.exe' -ano
- '%WINDIR%\syswow64\findstr.exe' 0.0.0.0:80
- '%WINDIR%\syswow64\cmd.exe' /c netstat -ano | findstr 0.0.0.0:17191 > nul
- '%WINDIR%\syswow64\findstr.exe' 0.0.0.0:17191
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<Full path to file>"