Техническая информация
- '<SYSTEM32>\ping.exe' www.google.com
- '<SYSTEM32>\cmd.exe' /C ping www.google.com > "%WINDIR%\pp"
- '<SYSTEM32>\cmd.exe' /C DIR C:\ >> C:\CONN_"%USERNAME%-CRNJEUFU"
- '<SYSTEM32>\ftp.exe' -s:"C:\Users\ccc4.dll"
- '<SYSTEM32>\cmd.exe' /C ftp -s:"C:\Users\ccc4.dll"
- '<SYSTEM32>\cmd.exe' /C NET SHARE > C:\CONN_"%USERNAME%-CRNJEUFU"
- '%WINDIR%\svchost.exe'
- '<SYSTEM32>\net.exe' SHARE
- '<SYSTEM32>\net1.exe' SHARE
- '<SYSTEM32>\cmd.exe' /C IPCONFIG/ALL >> C:\CONN_"%USERNAME%-CRNJEUFU"
- C:\CONN_%USERNAME%-CRNJEUFU
- %WINDIR%\pp
- C:\Users\ccc4.dll
- %TEMP%\~DFAA0A.tmp
- %TEMP%\~DF9D9F.tmp
- %WINDIR%\svchost.exe
- %WINDIR%\win1.ini
- %WINDIR%\pp
- %TEMP%\~DF9D9F.tmp
- %WINDIR%\win1.ini
- %WINDIR%\pp
- 'ft#.##freeserve.com':21
- 'localhost':1039
- DNS ASK ft#.##freeserve.com
- DNS ASK www.google.com