Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",gkphcdxrm install
- %TEMP%\ins1.tmp
- 'so###ee.ce.ms':80
- so###ee.ce.ms/OrzvPskhqJcAeUJj7KqHbLGWJQTrNL/naJUnPc1FbQH26ZPYRQGPFAONvLGZrep0NYGUOR8e/4q/OGXtyhkbVbTDAsS/JkgEznuM5+dUfa0=
- so###ee.ce.ms/GNFaymvG8Byy9wWKdZp12EWQ+268hXvrFEXVo2RR4asFxQvrpfUDIEK9azBHf5EK9GSKwq/GYKgTs48lOTIV1TMALkWLJcS4/b69nHmka2oimTHnwF+A9yWFrPIy+ICSrua26aa9GtzOZSTjk5ytZjyau2T46IxFQG5TDoEYHvk8OkYju9Z/8WWowPsJ1O9jjxnI/ngx
- DNS ASK so###ee.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''