Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",gzqolmkwup install
- %TEMP%\ins1.tmp
- 'he###monn.ce.ms':80
- he###monn.ce.ms/caHcsEhQ/6tAjQhLc3zvlNIEGL8ERHi4T8+Yi+9lS2scI1mrd56nKoKndmOnCTf+oBDsm1kaT12HIgIYZ/7YtqP42lUFtYkwL6jHO6Ylg3cCeg==
- he###monn.ce.ms/DpSuNgMrMsdnxBfijJ1fNinuZarAzHfT1VA302WXo/E6Hrxwpx2cw2xZ/rlN+/KM9rpUR6T17ZYOPaBHvKmiuRCo6Uhuyg2tY4RHmHhBt7pwxvbnYwa9asEtm4HuAAgoSRMjkG+jwkH+RjkvpXoKM3h9plgYJQZ+VB64I/v2aWT20sxmNWrkyEEScYrnwQkNbfwToCLnOJU=
- DNS ASK he###monn.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''