Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Wehuez\owihhi.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Wehuez\owihhi.exe'
- <Служебный элемент>
- %TEMP%\tmpa76eeee6.bat
- <LS_APPDATA>\ijib.omz
- %APPDATA%\Wehuez\owihhi.exe
- '19#.#7.222.42':24309
- '65.##.137.178':19369
- '71.##.132.182':14506
- '99.#6.3.38':15247
- '18#.#23.133.68':10802
- '2.###.220.70':17639
- '20#.#70.169.29':19828
- '37.##2.41.102':26281
- '85.##.108.26':10023
- '15#.#39.226.214':10903
- ClassName: 'Indicator' WindowName: ''