Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Juunvy' = '"%APPDATA%\Qeazqu\juunvy.exe"' — запись автозапуска: указанный файл запускается при каждом входе этого пользователя в систему
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' — отключает уведомления брандмауэра Windows для стандартного профиля
- '%APPDATA%\Qeazqu\juunvy.exe'
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\cscript.exe
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ctfmon.exe
- %TEMP%\KIU5E67.bat
- <LS_APPDATA>\adojq.uro
- %APPDATA%\Qeazqu\juunvy.exe
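Сетевые адреса в формате 'IP':порт (символ «#», по-видимому, маскирует часть цифр адреса в источнике, поэтому для поиска по журналам нужны полные значения):
- '61.#2.70.27':3458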
- '18#.#6.203.9':3935
- '24.##4.134.143':3055
- '16#.#05.28.56':5395
- '81.##9.16.130':4344
- '24.##.177.150':5264
- '17#.#45.217.122':2943
- '99.##.221.159':4576
- '10#.#21.229.216':6240
- '27.##.110.77':5235
- '11#.#45.132.112':1193
- ClassName: 'Indicator' WindowName: '(null)'