Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Edzepe' = '"%APPDATA%\Ycumi\edzepe.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Ycumi\edzepe.exe'
- <Служебный элемент>
- %TEMP%\tmp0fa74de4.bat
- <LS_APPDATA>\ninawy.myu
- %APPDATA%\Ycumi\edzepe.exe
- '61.##.192.146':16252
- '84.##.222.81':10378
- '94.##.95.160':25068
- '19#.#51.129.114':15025
- '98.##1.143.22':19595
- '85.##.67.158':26522
- '18#.131.8.1':13957
- '15#.#.231.137':23627
- '81.##3.35.84':27777
- ClassName: 'Indicator' WindowName: ''