Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Huoc\nyug.exe"'
  (запись в разделе Run: указанный файл запускается при каждом входе этого пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
  (значение 1 отключает уведомления брандмауэра Windows для стандартного профиля)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmp153817f8.bat"
- '%APPDATA%\Huoc\nyug.exe'
- <SYSTEM32>\cscript.exe
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- %TEMP%\tmp153817f8.bat
- <LS_APPDATA>\evani.atj
- %APPDATA%\Huoc\nyug.exe
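Сетевые адреса в формате IP:порт. Символы «#», судя по всему, заменяют часть цифр (адреса замаскированы при публикации), поэтому записи ниже не являются полными индикаторами и для точного сопоставления требуют сверки с исходными данными:
- '99.##.152.226':27763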
- '69.#9.74.6':14775
- '87.##3.112.174':19469
- '68.##5.183.50':24329
- '94.#5.0.48':10408
- '64.##9.121.189':13503
- '95.##7.203.147':10047
- '66.##7.77.134':15387
- '65.##.127.254':10521
- '15#.#12.138.69':23731
- '24.##0.165.58':21251
- '20#.#72.243.164':18760
- '96.##.35.109':14435
- '15#.#87.141.9':12959
- '99.##3.42.49':26480