Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",ykyitasn install worker
- %TEMP%\ins1.tmp
- 'de###sso.mo.cx':80
- de###sso.mo.cx/xMShHfueBgtRXuF8cFADRzrl6WhwAFJ6pK775bUgg5VXg7jEpSJ2E7DOjrC9ty+V3yXJjprTUCUnQzzGLW9vU79VTU0eRg5wDNYMJo7C5jE=
- de###sso.mo.cx/ITGEvSzhzHr2tNZy+7iCg+IdEuBmTjEmbwY/OPhgKhsk/lLii/OjMcj4RRe41uP2FaIKYSE/2PlckzwWrmtucp48Mwm6qUSGH7CxaIuBgqI3cjOrvXwK2/zLnWMPkj5nmBlGw2/5bjQ5YsUhBhXJvL8H33JSr8ZxacGly9+O7JhGi9DaJvLVmGeZmAKxbtMRYgzYIt3d
- DNS ASK de###sso.mo.cx
- ClassName: 'Shell_TrayWnd' WindowName: ''