Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",gvfhqhbcmyux install
- %TEMP%\ins1.tmp
- 'li##a.ce.ms':80
- li##a.ce.ms/EnJtzBaInNB474CdbfXK5LTVj00rhnQPYJqteoSQ6mdu1e8YKUx2olRs2TWBLrdiv6Y60krDvc/zkwnzeIhYfNy/ZlmLG1HnMdYACWlqeG8U6Q==
- li##a.ce.ms/feeholGtcFwAAijrIt+heySHWeoAoZ1DAictTB8eYWrhKkYzja9iOG38Fkwo5crAz1nXrx1F/452p16qcyOU15KnVw5Q/RLDnWrloTSdvr8K9IU4tEodnEdL71weGW43uMqYzSf8z/3pZ16VJSDt30m0e1ruxRiZOGvcSthll/9G+3/C+qlZhV8MnyKkHE0qu0TmdIcOJ6I=
- DNS ASK li##a.ce.ms
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''