Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Coevo' = '"%APPDATA%\Oqojo\coevo.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Oqojo\coevo.exe'
- <Служебный элемент>
- %TEMP%\tmp9f86fc2d.bat
- <LS_APPDATA>\awpel.afo
- %APPDATA%\Oqojo\coevo.exe
- '82.##7.254.53':28349
- '18#.#8.223.189':10959
- '81.#86.0.70':27282
- '59.##.254.71':28135
- '20#.#0.170.170':15761
- '12#.#9.114.88':12866
- '15#.#38.132.67':14582
- '95.##7.177.128':17643
- ClassName: 'Indicator' WindowName: ''