Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Otun' = '"%APPDATA%\Jeiv\otun.exe"' (параметр в ключе Run: указанный файл запускается при каждом входе этого пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (значение 1 отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Jeiv\otun.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\DQG6CED.bat
- <LS_APPDATA>\asasyr.vil
- %APPDATA%\Jeiv\otun.exe
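- '24.##0.165.58':24668 (здесь и ниже часть цифр адреса, по-видимому, скрыта символами «#»; такие записи годятся только для сопоставления по маске и номеру порта, а не как точные индикаторы)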
- '94.##.39.230':20143
- '99.##3.42.49':26480
- '14#.#15.161.74':14042
- '78.##5.22.181':27344
- '18#.#30.22.70':18051
- '21#.#09.241.213':16882
- '94.##.17.242':16701
- '89.##2.155.200':16926
- '10#.#4.172.39':18939
- '70.#2.91.95':12903
- '18#.#53.52.160':15386
- '12#.#3.58.139':18717
- ClassName: 'Indicator' WindowName: ''