Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",jzzcmhvu install
- %TEMP%\ins1.tmp
- 'ro###son.ce.ms':80
- ro###son.ce.ms/bFvmWjqblk0pfnUOwZYRsi2DqSvLfTytfB38U1uABs7B7S1gjnAecJ4DW+LL+shnOzB4GjJmAPaqQobo6/uPjLCc51VPKul1CV6c2Hkeny3TYg==
- ro###son.ce.ms/OSWRHHeXc7woRzLUJ8s+vpAhSx9bcK5YIpTh7PpkU7bYv1UKEfr/xplPxj3DirxbuCDxClSSZJJcBDNDzrbgIKyuQOyYr3MHhJ2T/Y0xHdDKv5KvhrWF6cjJtCGGRmruwJ6J/HMXqC58b1b836CIWRE8ZikSBzJHLCFTc39QM95kx4DGclE2jWlrdGaZMz7Hk5ZoDq4u6Ng=
- DNS ASK ro###son.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''