Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",xncujvchq install
- %TEMP%\ins1.tmp
- 'ne###n.co.be':80
- ne###n.co.be/RELVbgOcsj3T+FBcJCA6ZSf9s+nDk5DAgXWycY/ZgKcee7DMRjZc/Lc2KWa00ldto5nyEMXjp4mMq0kIm3LbvYNwe1mm301Fwcnb9fGG43w=
- ne###n.co.be/RQVsXPmPfifmjwufHV+n33KvSWKdvX2Ej8/T0dagK1DdoFVpXm3PgYQimeI7yscnfpOeUjWGmR1YDW6l4t1zQYxwLE5ReDajIMTQ6olqKGHacqnoKSwvMU7/dPKzJ/YGJH5cJpp461TqCtcWdzQjWM9wVkiQ8ka1Y3J6VpYJzxrOPGBTc/TuvCf9v9mS8OpSgycaPjhv
- DNS ASK ne###n.co.be
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''