Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",rorbravt install worker
- %TEMP%\ins1.tmp
- 'fr###lo.mo.cx':80
- fr###lo.mo.cx/qXWWBrMG7YPWgdCC2jF84nKB+OmOsgh955GV+Mth5u0VLK+wPbMC7acFIMsLe2jAIpWe1bTdS7SJFC6EnBd7bcqTi8Fx/w7hfvUVx1qqv4I=
- fr###lo.mo.cx/jiuLjlxGu5k6dXtsXlUwpgJzTc9w7+UtTYcsV1s/580ABWoSorawRSlFoKT0ZNmRJqKXG6wrku/BHlyKBEQeZ/jtl5omnNjoRdggGp/z+KiBUdQVREmFPAnv7s6Y7wv3OU3vXw8d5ZRCePdrbpLTgcKPnqqINmflbuoTHaQeJkLbhNLCjxDuu4SAYOE2evseWRs/U0mg
- DNS ASK fr###lo.mo.cx
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''