Техническая информация
- Автозапуск через ключ Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Ogful\tobe.exe"'
- Отключение уведомлений брандмауэра Windows (стандартный профиль): [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Ogful\tobe.exe'
- <Служебный элемент>
- %TEMP%\tmp71f82b30.bat
- <LS_APPDATA>\maliod.iwf
- %APPDATA%\Ogful\tobe.exe
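- Сетевые адреса в формате IP:порт (часть цифр заменена символом «#» в самом источнике, поэтому для точного сопоставления с журналами эти значения неполны):
- '87.##3.67.62':13844
- '10#.#52.101.181':15644
- '83.#3.49.5':18849
- '19#.#38.184.94':23176
- '10#.#0.192.119':19195
- '95.##.230.212':12698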
- ClassName: 'Indicator' WindowName: ''