Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Suocty\yzcyoz.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Suocty\yzcyoz.exe'
- <Служебный элемент>
- %TEMP%\tmp2a7e96d6.bat
- <LS_APPDATA>\eszo.ujo
- %APPDATA%\Suocty\yzcyoz.exe
- '18#.#23.135.118':12524
- '19#.#69.125.228':29902
- '24.##0.165.58':21251
- '99.##.188.39':17053
- '99.##0.209.246':13467
- '95.##.46.139':23572
- '64.##1.249.250':27667
- '41.##0.197.20':22835
- ClassName: 'Indicator' WindowName: ''