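Техническая информация
Примечание: заголовки подразделов в этом фрагменте, по-видимому, не сохранились, поэтому назначение отдельных строк (запись в автозапуск, изменение параметров брандмауэра, файлы, сетевые адреса с портами, параметры окна) определяется только по их виду. Символы «#» в IP-адресах — судя по всему, маскировка цифр, сделанная издателем: такие записи являются неполными индикаторами, и использовать их в правилах обнаружения или списках блокировки можно только после сверки с первоисточником.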
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Leqapy' = '"%APPDATA%\Kaop\leqapy.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Kaop\leqapy.exe'
- <SYSTEM32>\ctfmon.exe
- <LS_APPDATA>\yhxa.lap
- %APPDATA%\Kaop\leqapy.exe
- '41.##4.239.29':10001
- '79.##.154.174':7520
- '84.#9.131.0':7605
- '17#.#3.147.65':3319
- '21#.#32.249.173':2848
- '79.##9.11.65':7570
- '10#.#17.117.139':8593
- '82.##1.180.182':5457
- '46.#9.36.20':9752
- '10#.#34.133.110':8387
- '66.##.204.26':24382
- '64.##6.115.72':10010
- '20#.#09.58.176':24069
- '19#.#02.83.105':16419
- '10#.#4.172.39':3059
- '2.###.133.66':6474
- '76.##6.114.217':1684
- '2.##.50.124':24606
- '12#.#38.67.140':4636
- '90.##6.118.144':2081
- ClassName: 'Indicator' WindowName: '(null)'