Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqkpxvobo install
- %TEMP%\ins1.tmp
- 'he###e.ce.ms':80
- he###e.ce.ms/iXrBqyBg7jvHZqN4hD+/F0vZ/3vI04KIthXlikJzLp4K/ozoOb4QuCMjOwFc24/zI+4DfqZ26skORJBIDrvq/YqiVDAcu/obSg+eB9Cmc4biiQ==
- he###e.ce.ms/zBxqwGDiYDX/byrx2m+BZJloxSTnUHYwBiagFKo1EqyoMcKmQAbIH+VyPcazY7IcaZRCRB9KivCOplqMZJXyndN6aRJASxN1zAYYLmDo5ycjrZhcPdufVbVNfbL3R//BJd951CSJK1YQcT/kckrywd8V6SpgH4v5k4bidlOPulXIbNVDtNrGnQMNacYT0hmFi8Cj0ie6pL8=
- DNS ASK he###e.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''