Техническая информация
- '%CommonProgramFiles%\seria.exe'
- '<SYSTEM32>\net.exe' stop sharedaccess
- '<SYSTEM32>\net1.exe' stop sharedaccess
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Del.bat" "
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- %TEMP%\Del.bat
- %TEMP%\Del.dat
- %CommonProgramFiles%\seria.exe
- %TEMP%\Del.dat
- 'li##.crwye.cn':6668
- 'vi#.#rwye.cn':81
- DNS ASK li##.crwye.cn
- DNS ASK vi#.#rwye.cn