Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'a0cd6c50cff864e26dcbdf4b40cfa341' = '"%HOMEPATH%\webserv.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'a0cd6c50cff864e26dcbdf4b40cfa341' = '"%HOMEPATH%\webserv.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\a0cd6c50cff864e26dcbdf4b40cfa341.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%HOMEPATH%\webserv.exe' = '%HOMEPATH%\webserv.exe:*:Enabled:webserv.exe'
- '%HOMEPATH%\webserv.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%HOMEPATH%\webserv.exe" "webserv.exe" ENABLE
- %HOMEPATH%\webserv.exe
- 'hu###m.ddns.net':7070
- DNS ASK hu###m.ddns.net
- ClassName: 'Indicator' WindowName: ''