Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",hobnamkxtx install
- %TEMP%\ins1.tmp
- 'ch###em.cz.cc':80
- ch###em.cz.cc/IdcvmDmZJ7fk27ff4NkKpee3eJJZk3SUJhUv/A695zvxw42hUygdb6xPGxMz8OBpNMRDJyDYWnFIJ/BuvJ5iO6/A9Swnx73obIyc5ub3rfcvwQ==
- ch###em.cz.cc/hTfJkbXWJEpSWJr9oY4xCHWgMNjkcxwcsiQN9aSe0uYWBfXvbVwAgTYDqd6+hHF+FvDiXfUy8CBVOnQIEpPEhFauXD7WYo1QfQMs1UrHEhWFdqYud25t0VQ/MXzpNTWZerq1Wb5sqGqHs8LUTMDjkGOoni0CRcV4vPaQ1gbSSwsaliWTOlIwBzFT6x/efC9/kz61s7UUQqI=
- DNS ASK ch###em.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''