Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\sasa.exe' = '%TEMP%\sasa.exe:*:Enabled:sasa.exe'
- '%TEMP%\sasa.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\sasa.exe" "sasa.exe" ENABLE
- %TEMP%\sasa.exe
- 'lo####ip.zapto.org':5552
- DNS ASK lo####ip.zapto.org