Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{933AD0B8-98FA-DE3D-D31A-02D38A850F15}' = '"%APPDATA%\Oxki\ihozk.exe"'
- '%APPDATA%\Oxki\ihozk.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmpd7c2e5eb.bat"
- '%APPDATA%\Oxki\ihozk.exe'
- <SYSTEM32>\cmd.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- %TEMP%\tmpd7c2e5eb.bat
- %APPDATA%\Hysy\maabt.ufx
- %APPDATA%\Oxki\ihozk.exe
- '10.#1.192.4':443
- ClassName: 'Indicator' WindowName: ''