Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqmryujwnsi install
- %TEMP%\ins1.tmp
- 'sa###zo.ce.ms':80
- sa###zo.ce.ms/wbpeHEMzVBS8AZY38QJLDTyXunHSFyZ/hgWgmnSV3QIDr7/J1t5VztO1HCC672CILl1ZE5rxUDbwilFc7n7Uge+6FZ63DHec5t2Xlb4pAJf4jw==
- sa###zo.ce.ms/yMCsOZgiP437ABWO9CPTZNbRTqvE3mcwUdebGcvyDHG+BhLy1bHAazjJcsDjfK2CdjKJR09PccLg6MQb6SgH4x+OOwx7Ns0lf38NfJb5gTdMrDBnalphyfD7R/k5j3gayndWRoHZ1Ml1fU1qwDSazf5sIyj6JancJRkOfjl7XYVmH5xEL3iXuHfCcMx0nwFd7ficjtrufnQ=
- DNS ASK sa###zo.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''