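Техническая информация
Примечание: заголовки разделов в этом списке не сохранились; ниже подряд идут записи реестра, пути к исполняемым файлам и командные строки, файлы, IP-адреса с портами и класс окна. Символы «#» в IP-адресах, по-видимому, заменяют скрытые цифры, поэтому эти адреса нельзя напрямую использовать как индикаторы для блокировки или поиска по журналам.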
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Awirup\osodu.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Awirup\osodu.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmpbb989ec1.bat"
- <SYSTEM32>\cscript.exe
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- %TEMP%\tmpbb989ec1.bat
- <LS_APPDATA>\fadev.itn
- %APPDATA%\Awirup\osodu.exe
- '24.##0.165.58':21251
- '99.#8.30.82':14974
- '14#.#76.125.203':10568
- '96.##.35.109':14435
- '19#.#43.220.218':15242
- '94.##.185.188':26120
- '71.##.56.253':22652
- '15#.#12.138.69':23731
- '15#.#9.166.206':10117
- '85.#.95.205':15080
- '10#.#11.64.46':23323
- '99.##.152.226':27763
- '18#.#56.76.158':23986
- '66.##7.77.134':15387
- '50.##.177.24':25517
- ClassName: 'Indicator' WindowName: ''