Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- C:\System\SystemVnc\SystemFiles\lsoss.exe
- <SYSTEM32>\tskill.exe svcohst
- <SYSTEM32>\tskill.exe *0m3g4*
- <SYSTEM32>\ping.exe 127.0.0.1 -n 3
- <SYSTEM32>\tskill.exe lsoss
- <SYSTEM32>\netsh.exe firewall add allowedprogram "C:\System\SystemVnc\SystemFiles\winvnc.exe" "OverSight" ENABLE
- <SYSTEM32>\netsh.exe firewall set opmode disable
- <SYSTEM32>\cmd.exe /c ""C:\System\SystemVnc\SystemTemp\Relocate.bat""
- <SYSTEM32>\svcohst.exe
- C:\System\SystemVnc\SystemFiles\lsoss.exe
- C:\System\SystemVnc\SystemFiles\ultravnc.ini
- C:\System\SystemVnc\SystemTemp\Relocate.bat
- C:\System\SystemVnc\SystemTemp\Relocate.bat
- 'localhost':1036
- DNS ASK www.google.com