Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Vuojy' = '"%APPDATA%\Yrceog\vuojy.exe"' (запись автозапуска: указанный файл запускается при каждом входе этого пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Yrceog\vuojy.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\OZC89BE.bat
- <LS_APPDATA>\loylse.voe
- %APPDATA%\Yrceog\vuojy.exe
- '68.##.13.236':15057 (в этом и следующих адресах часть цифр скрыта символами «#»; после двоеточия указан порт)
- '19#.#3.232.1':12407
- '84.##.222.81':10378
- '21#.#05.236.215':24797
- '79.##9.44.209':15217
- '79.##.232.136':11922
- '18#.#43.233.84':11425
- '31.##2.7.235':28010
- '18#.#3.106.138':10541
- '21#.#09.241.213':16882
- ClassName: 'Indicator' WindowName: ''