Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Acejty' = '"%APPDATA%\Aqazx\acejty.exe"' (запись автозапуска: указанный файл запускается при входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (отключает уведомления брандмауэра Windows для стандартного профиля)
- '%APPDATA%\Aqazx\acejty.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\tmp1fab48c9.bat
- <LS_APPDATA>\kitato.ede
- %APPDATA%\Aqazx\acejty.exe
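- '10#.#15.44.142':20626 (здесь и ниже часть цифр в IP-адресах, по-видимому, намеренно замаскирована символом «#»; в таком виде адреса не являются полными индикаторами)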
- '79.##1.176.54':10224
- '21#.#05.236.215':15683
- '18#.#7.50.91':27916
- '19#.#1.84.108':16276
- '78.##6.89.166':10747
- '95.##8.32.241':11952
- '94.##.18.243':20137
- '14#.#36.161.103':14675
- '14.##.250.244':18480
- '21#.#09.241.213':16882
- '49.##.247.54':26513
- '12#.#0.173.219':15023
- '19#.#69.125.228':29902
- ClassName: 'Indicator' WindowName: ''