Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Mytyob\tiiwh.exe"' (запись в ключе Run: указанный файл запускается при каждом входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (значение 1 отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Mytyob\tiiwh.exe'
- <SYSTEM32>\ctfmon.exe
- <LS_APPDATA>\yfody.pej
- %APPDATA%\Mytyob\tiiwh.exe
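- '19#.#9.157.124':11145 (формат «адрес:порт»; здесь и в следующих строках часть цифр адреса, по-видимому, скрыта символами #, поэтому для точного сопоставления эти значения не годятся)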
- '21#.#9.138.218':28079
- '98.##6.120.96':22784
- '19#.#1.90.44':27835
- '75.##.139.23':13467
- '18#.#23.135.118':12524
- '12#.#37.153.234':28300
- '14.#7.32.8':21036
- '12#.#37.234.67':19477
- '1.##.80.201':26498
- '12#.#3.176.175':16876
- '11#.#15.171.66':20192
- ClassName: 'Indicator' WindowName: '(null)'