Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Yjmel' = '"%APPDATA%\Ykozyg\yjmel.exe"' — запись автозапуска: указанный файл запускается при каждом входе этого пользователя в систему
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' — значение 1 отключает уведомления брандмауэра Windows для стандартного профиля
- '%APPDATA%\Ykozyg\yjmel.exe'
- <Служебный элемент>
- %TEMP%\tmp721c5434.bat
- <LS_APPDATA>\duorky.dyt
- %APPDATA%\Ykozyg\yjmel.exe
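- Сетевые адреса ниже даны в виде 'адрес':порт; символы # — по-видимому, цифры, скрытые источником, поэтому адреса неполные и в таком виде не годятся для точного сопоставления:
- '94.##0.224.115':27794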
- '95.##9.216.233':27732
- '14.##.131.63':25047
- '18#.#23.139.172':12806
- '79.##.153.248':12827
- '87.##2.49.173':11489
- '49.##8.49.120':25022
- '18#.#6.168.73':29397
- '62.##4.30.232':10595
- ClassName: 'Indicator' WindowName: ''