Техническая информация
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\net.exe' stop wscsvc
- '<SYSTEM32>\sc.exe' config SharedAccess start= disabled
- '<SYSTEM32>\cmd.exe' /c sc config wscsvc start= disabled
- '<SYSTEM32>\net1.exe' stop wscsvc
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\sc.exe' config wscsvc start= disabled
- '<SYSTEM32>\cmd.exe' /c sc config SharedAccess start= disabled
- '<SYSTEM32>\cmd.exe' /c net stop SharedAccess
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\net1.exe' stop SharedAccess
- '<SYSTEM32>\cmd.exe' /c net stop wscsvc
- '<SYSTEM32>\net.exe' stop SharedAccess
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook]
- [<HKCU>\Software\Microsoft\Internet Explorer\IntelliForms\Storage2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\28ad010c-58c8-11e6-bd5b-47bc49c1d584[1].htm
- '93.##0.104.44':80
- http://93.##0.104.44/28ad010c-58c8-11e6-bd5b-47bc49c1d584.php