Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Asygy' = '"%APPDATA%\Onwu\asygy.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Onwu\asygy.exe'
- <SYSTEM32>\ctfmon.exe
- <LS_APPDATA>\maas.yrc
- %APPDATA%\Onwu\asygy.exe
- '96.##5.249.188':4688
- '76.##6.114.217':2844
- '62.#.195.49':10023
- ClassName: 'Indicator' WindowName: ''