Technical information
- '<SYSTEM32>\rundll32.exe' connect
- <SYSTEM32>\rundll32.exe
- %TEMP%\tela1_2016.cfg
- 'bi#.ly':80
- 'www.ne#####news.xpg.com.br':80
- bi#.ly/1ntRTsS
- www.ne#####news.xpg.com.br/tel_2016.txt
- DNS ASK bi#.ly
- DNS ASK www.ne#####news.xpg.com.br
- ClassName: '(null)' WindowName: 'rundll32.exe'