Техническая информация
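Автозапуск: запись в ключе Run текущего пользователя, указанный файл запускается при каждом входе пользователя в систему:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Tataz\ocvoce.exe"'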
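Брандмауэр Windows: параметр DisableNotifications со значением 1 отключает уведомления брандмауэра для стандартного профиля:
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'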
- '%APPDATA%\Tataz\ocvoce.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmpf29996a4.bat"
- <SYSTEM32>\cscript.exe
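Ветки реестра с настройками почтовых учётных записей (Windows Live Mail, Internet Account Manager); какое действие с ними выполняется, в списке не указано:
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\Internet Account Manager]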
- %TEMP%\tmpf29996a4.bat
- <LS_APPDATA>\onedor.gie
- %APPDATA%\Tataz\ocvoce.exe
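Сетевые адреса и порты (часть цифр адреса скрыта символами «#»; протокол и направление соединений в списке не указаны):
- '1.###.47.244':16276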
- '71.##.56.253':22652
- '66.##7.77.134':15387
- '16#.#16.148.2':15242
- '98.##.107.213':17482
- '19#.#4.127.98':25549
- '37.##1.204.170':15619
- '24.##0.165.58':21251
- '65.##.127.254':10521
- '67.##9.65.113':14418
- '76.##.45.101':21230
- '69.#9.74.6':14775
- '75.##.49.248':29863
- '10#.#11.64.46':23323
- '99.##3.42.49':26480
- '18#.#5.10.18':12066
- '71.#.233.139':18736
- ClassName: 'Indicator' WindowName: ''