Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Ipemup' = '"%APPDATA%\Mugori\ipemup.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Mugori\ipemup.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\TPXD8F3.bat
- <LS_APPDATA>\nohe.bao
- %APPDATA%\Mugori\ipemup.exe
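Сетевые адреса в формате IP:порт (символы «#» в IP-адресах, по-видимому, заменяют цифры, скрытые при публикации, поэтому записи ниже не являются полными адресами и не подходят как точные индикаторы без восстановления исходных значений):
- '95.##4.97.75':11274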
- '18#.#7.50.91':27916
- '1.##8.9.155':18283
- '99.##3.42.49':26480
- '95.##7.161.206':11922
- '10#.#34.133.110':24234
- '83.#4.76.32':12904
- '68.##5.164.148':24591
- '85.##8.64.249':21646
- '10#.#33.198.131':15847
- '78.##0.36.98':20877
- '79.##1.33.157':29658
- '21#.#09.241.213':16882
- ClassName: 'Indicator' WindowName: ''