Техническая информация
- '<SYSTEM32>\arp.exe' -a
- '<SYSTEM32>\cmd.exe' /c arp -a > %TEMP%\nst1A.tmp
- '%TEMP%\nsu3.tmp\ns1B.tmp' cmd.exe /c arp -a > %TEMP%\nst1A.tmp
- ClassName: '' WindowName: 'Jing'
- ClassName: '' WindowName: 'Fiddler - HTTP Debugging Proxy'
- ClassName: '' WindowName: 'Fiddler - Web Debugger'
- %TEMP%\nst13.tmp
- %TEMP%\nsa14.tmp
- %TEMP%\nss15.tmp
- %TEMP%\nss10.tmp
- %TEMP%\nsr11.tmp
- %TEMP%\nsy12.tmp
- %TEMP%\nsh19.tmp
- %TEMP%\nsu3.tmp\ns1B.tmp
- %TEMP%\nst1A.tmp
- %TEMP%\nse16.tmp
- %TEMP%\nsa17.tmp
- %TEMP%\nsw18.tmp
- %TEMP%\nsqF.tmp
- %TEMP%\nsp6.tmp
- %TEMP%\nsm7.tmp
- %TEMP%\nsc8.tmp
- %TEMP%\nsd2.tmp
- %TEMP%\nsf4.tmp
- %TEMP%\nsy5.tmp
- %TEMP%\nskC.tmp
- %TEMP%\nsoD.tmp
- %TEMP%\nskE.tmp
- %TEMP%\nsd9.tmp
- %TEMP%\nspA.tmp
- %TEMP%\nsgB.tmp
- %TEMP%\nsy12.tmp
- %TEMP%\nst13.tmp
- %TEMP%\nsr11.tmp
- %TEMP%\nsqF.tmp
- %TEMP%\nss10.tmp
- %TEMP%\nsa14.tmp
- %TEMP%\nsw18.tmp
- %TEMP%\nsh19.tmp
- %TEMP%\nsa17.tmp
- %TEMP%\nss15.tmp
- %TEMP%\nse16.tmp
- %TEMP%\nsm7.tmp
- %TEMP%\nsc8.tmp
- %TEMP%\nsp6.tmp
- %TEMP%\nsf4.tmp
- %TEMP%\nsy5.tmp
- %TEMP%\nsd9.tmp
- %TEMP%\nsoD.tmp
- %TEMP%\nskE.tmp
- %TEMP%\nskC.tmp
- %TEMP%\nspA.tmp
- %TEMP%\nsgB.tmp
- 'cm#.##onbeast.io':80
- http://cm#.##onbeast.io/
- DNS ASK cm#.##onbeast.io