Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",zfubgasokzba install worker
- %TEMP%\ins1.tmp
- 'om###h.mo.cx':80
- om###h.mo.cx/kStiqkrfPjGT0afx2w/RpHpqxk42UXif/K09UrFfcx8EtSx0gziJO4I/oVNTOdnwm51QJFx7YLIYodVFc2Z9AJ+LojjwurQGDQarMdLAh60=
- om###h.mo.cx/pAwuwQilFbuyOpHG1qxznsUsZ9EV0UyBl750fS0gSwXDAD26hY4vymhB9TJXLsshCAfeGi4Mw7QDwbvZ880FqI3/0X4IbM5dQpum+dvi5BroFMVVhvxQPZ5DKMItJgXqGznmuTlAD8x+GzHy/no0chZh/RJ3IsXxQcpMPv5osBQXOopO2Iq1ZLiPQ7kDPhQfwSPkh+IC
- DNS ASK om###h.mo.cx
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''