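Техническая информация
Символы «#» в IP-адресах и доменном имени ниже, по-видимому, заменяют скрытые знаки, поэтому эти значения неполны и не подходят для точного сопоставления в качестве индикаторов. Домены www.bing.com и www.google.com легитимны и сами по себе признаком заражения не являются.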
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Ushuy' = '"%APPDATA%\Olwi\ushuy.exe"' (запись автозапуска: указанный файл запускается при входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Olwi\ushuy.exe'
- <SYSTEM32>\ctfmon.exe
- <LS_APPDATA>\etna.obv
- %APPDATA%\Olwi\ushuy.exe
- 'www.bing.com':80
- '74.##5.232.51':80
- www.bing.com/
- 74.##5.232.51/
- DNS ASK www.bing.com
- DNS ASK www.google.com
- DNS ASK hz########ykbaixswbqovdyykj.info
- '79.##1.33.157':29658
- '10#.#4.172.39':18939
- '84.##.138.75':10378
- '18#.#7.50.91':27916
- '18#.#5.146.52':26524
- '12#.#60.33.239':11657
- '21#.#05.236.215':10079
- '95.##7.161.206':11922
- '18#.#4.222.234':24357
- '89.##2.155.200':16926
- '21#.#09.241.213':16882
- '21#.#4.146.36':28073
- '67.##3.168.19':12484
- '12#.#38.64.141':25399
- '2.###.159.215':12792
- '99.##.73.189':29677
- '99.##9.193.22':14891
- '10#.#2.117.225':21677
- ClassName: 'Indicator' WindowName: ''