Техническая информация
- Закрепление в системе — автозапуск при входе пользователя через ключ Run: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Jimisu' = '"%APPDATA%\Opup\jimisu.exe"'
- Отключение уведомлений брандмауэра Windows для стандартного профиля: [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
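- Файлы и процессы, перечисленные в отчёте (заголовки подразделов в этом фрагменте не сохранились, поэтому по нему нельзя определить, какие объекты создаются, а какие запускаются):
- '%APPDATA%\Opup\jimisu.exe'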
- <SYSTEM32>\cscript.exe
- %TEMP%\XLP9C0B.bat
- <LS_APPDATA>\iqakum.uto
- %APPDATA%\Opup\jimisu.exe
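- Сетевые адреса и порты (часть цифр в адресах замаскирована в источнике символом '#', поэтому в таком виде эти записи непригодны для точного сопоставления с журналами или для правил блокировки):
- '21#.#30.254.114':14154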
- '19#.#02.83.105':17848
- '94.##.25.108':12022
- '10#.#33.198.131':15847
- '95.##.204.230':14479
- '21#.#7.148.66':29170
- '88.##.107.28':7605
- '68.##0.76.126':1024
- '18#.#8.200.75':6874
- '66.##.204.26':24382
- '85.##8.107.13':24084
- '98.##6.120.96':6227
- '10#.#4.172.39':3059
- '76.##6.114.217':1684
- '10#.#34.133.110':8387
- '88.##7.225.50':11426
- ClassName: 'Indicator' WindowName: ''