Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",rorbravt install worker
- %TEMP%\ins1.tmp
- 'fr###lo.mo.cx':80
- fr###lo.mo.cx/iCAbZWCVmG3+vtYBG53hE+PiR7FKtQDXh+9Ybgycd/eFxvSeDReDl3d6SaQ9hxWWA8A6n+ZPhwqD9b+NpSOL16t2y3gYoakK00VfFgr4L/o=
- fr###lo.mo.cx/NEeHkivm4VVxKF9GvzIW9jlln2XrCjWBwRuK0f+ikyenjo5MnzVs+aaEESGaZtm6XxvUaH4vpFYutTxhslHqgylvBfButZ4zow/h2z5tX6em+3CnwMsvV4tc/QqoA37JsLGdfCpRh7IA3voQkuLYkptgjfDkXZOl9XlpraEznjFLIzvALvyyNebwRG6iYFupP8//aqNL
- DNS ASK fr###lo.mo.cx
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''