Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\virus!!!.exe' = '%TEMP%\virus!!!.exe:*:Enabled:virus!!!.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\virus!!!.exe" "virus!!!.exe" ENABLE
- %TEMP%\virus!!!.exe
- 'iy####.duckdns.org':8600
- DNS ASK iy####.duckdns.org
- '%TEMP%\virus!!!.exe'