Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Aghej\osetxo.exe"' (ключ Run: указанный файл запускается при каждом входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (параметр стандартного профиля брандмауэра Windows: значение 1 отключает его уведомления)
- '%APPDATA%\Aghej\osetxo.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmpb132a278.bat"
- <SYSTEM32>\cscript.exe
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- %TEMP%\tmpb132a278.bat
- <LS_APPDATA>\xaixij.lui
- %APPDATA%\Aghej\osetxo.exe
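(Примечание: в адресах ниже часть символов заменена на '#', то есть адреса приведены не полностью и в таком виде не подходят для точного сопоставления с журналами или списками блокировки; число после двоеточия — по-видимому, порт.)
- '46.#9.88.66':24090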
- '75.#3.79.84':25547
- '95.#.111.195':22305
- '18#.#80.103.254':13452
- '18#.#21.220.51':20888
- '95.##.117.147':17637
- '21#.#75.108.57':18744
- '15#.#9.37.210':15360
- '12#.#49.23.243':22348
- '37.##8.169.73':28255
- '17#.#3.78.89':19413
- '93.##6.223.97':10094
- '66.##9.153.144':29411
- '93.##7.149.13':20184
- '46.#9.8.231':13361
- '20#.#43.84.155':29379
- ClassName: 'Indicator' WindowName: ''