Техническая информация
- '%HOMEPATH%\rundll32.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\dw20.exe' -x -s 584
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%HOMEPATH%\rundll32.exe" "rundll32.exe" ENABLE
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5000e4fd3c0caa3b3e4b542b901821e6.exe
- %HOMEPATH%\rundll32.exe
- DNS ASK dn#.##ftncsi.com
- DNS ASK n5.##nkpc.net
- ClassName: 'Shell_TrayWnd' WindowName: ''