Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",jzzcmhvu install
- %TEMP%\ins1.tmp
- 'el###ll.ce.ms':80
- el###ll.ce.ms/LhgRFOuLlpLHoe9VDxoOEhRkGgtqxB6oCJwDCD6gTEQ4JOR4xVqOp5DcjI4DGSHX+MDoL5Hwdr7r+ZtYkazudvp5918dlBbM6cahhRfPodcwxg==
- el###ll.ce.ms/pTdbzbPwOaI80heV8Ai5dJjbiN8ZFcDNNMtYl2X6wwQk3EltmwCAKtpD3dT0Bbt5GASbRLgVIga93x85jYT0V7FfUdNRBwxZg5yYzshinq9rHiCJD6hO5G+xRPApKnnz8cnxH00clY3k6bGItjJMUtrWVDv2Jyg0BQmBbmgVVsBNnwMyEsDDDxdag3nv+ezLD9T48jF8d1o=
- DNS ASK el###ll.ce.ms
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''