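Техническая информация (заголовки разделов в этом фрагменте, по-видимому, не сохранились; ниже идут изменения реестра, пути к файлам, сетевые адреса и параметры окна)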
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Gofeyd\ruede.exe"' — запись в ключе Run: указанный файл запускается при каждом входе пользователя в систему.
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' — значение 1 отключает уведомления брандмауэра Windows для стандартного профиля.
- %APPDATA%\Gofeyd\ruede.exe
- <Служебный элемент>
- %TEMP%\tmp9e6adaeb.bat
- <LS_APPDATA>\goloi.efz
- %APPDATA%\Gofeyd\ruede.exe
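- '14#.#.213.30':18592 (здесь и ниже часть цифр в IP-адресах заменена символом «#», то есть адреса приведены не полностью; для точного сопоставления они непригодны)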
- '75.#.222.103':11577
- '95.##.110.195':28758
- '18#.#6.66.82':17103
- '49.##.77.245':11443
- '36.##.137.219':25562
- '99.#6.3.38':15247
- '17#.#3.238.72':22869
- '90.##6.158.215':15920
- ClassName: 'Indicator' WindowName: ''