Техническая информация
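- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Otqyi' = '"%APPDATA%\Atzocy\otqyi.exe"'
  (параметр в ключе Run текущего пользователя: указанный файл запускается при каждом входе этого пользователя в систему)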
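- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
  (значение DisableNotifications = 1 отключает уведомления брандмауэра Windows для стандартного профиля)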
- '%APPDATA%\Atzocy\otqyi.exe'
- <SYSTEM32>\ctfmon.exe
- <LS_APPDATA>\ykzyu.ydo
- %APPDATA%\Atzocy\otqyi.exe
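- 'jv######fkvlxfujshxs.com':80
- 'cq#######pztkmvodydsweudxo.ru':80
- '74.##5.232.51':80
  (символы # здесь и ниже, по-видимому, маскируют часть имени или адреса в исходном отчёте; для поиска по журналам нужны полные значения из первоисточника)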
- 'www.bing.com':80
- jv######fkvlxfujshxs.com/
- cq#######pztkmvodydsweudxo.ru/
- 74.##5.232.51/
- www.bing.com/
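- DNS ASK www.bing.com
- DNS ASK www.google.com
  (www.bing.com и www.google.com, здесь и в списке подключений выше, являются легитимными доменами; вероятно, это проверка доступности сети, и сами по себе эти запросы индикаторами компрометации не являются)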
- DNS ASK jv######fkvlxfujshxs.com
- DNS ASK cq#######pztkmvodydsweudxo.ru
- '17#.#21.217.242':15852
- '12#.#9.114.88':12866
- '18#.#8.223.189':10959
- '15#.#38.132.67':14582
- '59.##.254.71':28135
- '13#.#94.157.200':13753
- '11#.#20.121.117':18480
- ClassName: 'Indicator' WindowName: ''