Техническая информация
- Автозапуск при входе пользователя в систему (раздел Run): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Uzyq' = '"%APPDATA%\Umto\uzyq.exe"'
- Отключение уведомлений брандмауэра Windows (стандартный профиль): [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Umto\uzyq.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\EKJC296.bat
- <LS_APPDATA>\owyvid.baa
- %APPDATA%\Umto\uzyq.exe
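Сетевые адреса и порты (символы «#» в адресах, судя по всему, заменяют скрытые цифры, поэтому для точного сопоставления по IP эти записи в таком виде не подходят; порты приведены полностью):
- '84.##.138.75':10378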
- '12#.#38.64.141':25399
- '89.##2.155.200':16926
- '62.##.155.182':20947
- '24.##0.165.58':24668
- '62.##.100.211':26635
- '79.##.128.54':15255
- '92.##.36.120':12243
- '66.##.204.26':29482
- '79.##1.33.157':29658
- '31.##.150.109':13464
- '21#.#05.236.215':10079
- '21#.#09.241.213':16882
- '78.##0.36.98':20877
- ClassName: 'Indicator' WindowName: ''