Техническая информация
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- 'il####unnymonkey.ws':443
- 'microsoft.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'il####unnymonkey.ws':443
- DNS ASK il####unnymonkey.ws
- DNS ASK microsoft.com
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System -Name ConsentPromptBehaviorAdmin -Value 0' (со скрытым окном)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionExtension exe' (со скрытым окном)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-MpPreference -DisableRealtimeMonitoring $true' (со скрытым окном)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Uninstall-WindowsFeature -Name Windows-Defender' (со скрытым окном)
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System -Name ConsentPromptBehaviorAdmin -Value 0
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionExtension exe
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-MpPreference -DisableRealtimeMonitoring $true
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Uninstall-WindowsFeature -Name Windows-Defender