Техническая информация
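- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Xyzei' = '"%APPDATA%\Qazai\xyzei.exe"' (запись в ключе автозапуска Run: указанный файл запускается при каждом входе этого пользователя в систему)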
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Qazai\xyzei.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\EMD501A.bat
- <LS_APPDATA>\ipqo.gyu
- %APPDATA%\Qazai\xyzei.exe
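- '87.#6.14.62':21608 (здесь и ниже — адрес и порт; символы '#' стоят на месте скрытых цифр, поэтому адреса приведены не полностью и не подходят для точного сопоставления)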
- '18#.#53.47.135':17407
- '93.##7.174.224':14814
- '78.##6.55.249':19346
- '76.##6.112.216':24591
- '14#.#36.161.103':14675
- '99.##9.193.22':14891
- '19#.#79.243.34':18051
- '99.##3.42.49':26480
- '17#.#0.101.100':18590
- '95.##9.114.32':12384
- ClassName: 'Indicator' WindowName: ''