Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",oorustxvuce install worker
- %TEMP%\ins1.tmp
- 'ko##r.ce.ms':80
- ko##r.ce.ms/MJlcglHxlkWM2jmjztc+nQ2oUuSoh10ErqL4FG6GDDUaHZmk9HaLNplHqPIU8gyvjmDGSZc8xBEX5N8kIHTh3Tfhqqcck9I4ph5l3DkXy4Q=
- ko##r.ce.ms/QcFYiitE6M9gyIYhXOzVboY+ZFJ1iSQwkoMSEh4+y++wwjMKlf4xFpFNasv3V+mpUT2wnF+bsooYu2ZFiqu/QcoUzTkpdqGZ/PlgpYnCxvAIF1kHlaZ2VGusMx0dTO4Pfvt8b1adOS4nKOMlCawe51Qek2lHlP8GTD0kEl+DC30IfQTrrt5Yvz/uMZi76E1BfsQhYE/y
- DNS ASK ko##r.ce.ms
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''