Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Lopabu\ivyh.exe"' (запись автозапуска: указанный файл запускается при входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (отключает уведомления брандмауэра Windows для стандартного профиля)
- %APPDATA%\Lopabu\ivyh.exe
- <SYSTEM32>\cscript.exe
- <LS_APPDATA>\opevyx.moa
- %TEMP%\tmpcf84c0cb.bat
- %APPDATA%\Lopabu\ivyh.exe
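- '18#.#49.27.79':15333 (здесь и ниже — адрес:порт; символы «#», по-видимому, заменяют цифры адреса, скрытые в исходном отчёте; протокол не указан)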
- '19#.#33.99.236':12114
- '18#.#29.221.86':22097
- '77.##2.58.208':24916
- '95.##4.38.88':19526
- '17#.#3.243.108':15850
- '88.##0.103.115':12189
- '75.##0.108.55':13972
- '67.##.147.253':10598
- '87.##.111.55':14593
- ClassName: 'Indicator' WindowName: ''