Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",qcgyweaxsvdswe install
- %TEMP%\ins1.tmp
- 'fo###s.co.be':80
- fo###s.co.be/yXOHxeVDSy13GfhiIUDMSS4s4tHcJrDDcg74TYz7G3D07CLWfYB+vOMWy9iul+B7vJ3BMIgwZzsR7cukPWP0xMkyXEg3jWi7uIN/3JDY2CA=
- fo###s.co.be/QAJkdKuxLwgubJkbrKUhp8F2li91qM8zi9vYgT+dB+BmNE9PhYdey0WZ5MN0jAyVOfl5qawRjRq1+pL2cmOz/YgtLYP+i2HmidxrABPnwcFhYaX66al6BaI/Kaq/ulrvUD3+iOOT8d1lR2wiY4PEHHPvwQXKzjj04vudpsHYCiwdc9QFVefxFtqqtaDb7P07QQMmP3XW
- DNS ASK fo###s.co.be
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''