Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\ftp.exe' = '<SYSTEM32>\ftp.exe:*:Enabled:ENABLE'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "<SYSTEM32>\ftp.exe" ENABLE
- %TEMP%\1.tmp\2.bat
- %TEMP%\FTP_Script.txt
- %TEMP%\FTP_Script.txt
- 'localhost':1038
- 'ol####.myjino.ru':21
- DNS ASK ol####.myjino.ru
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" <Full path to file>"
- '<SYSTEM32>\ftp.exe' -s:"%TEMP%\FTP_Script.txt"