Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",gzqolmkwup install
- %TEMP%\ins1.tmp
- 'he###oge.ce.ms':80
- he###oge.ce.ms/wJsHZOSeH1iiCqlZ1bQ6okCnNisrvLEnxiZsR0Q+B8t4b3fpLpmQxnjEeSlEiWaKFohGT5rbJpqqZr0+WMmlTev2hW1e9anUFrMNPWJWuWLmpQ==
- he###oge.ce.ms/fSgtmRegjXY86rVFEMg71Y2ODoaX4DIcO6XKEcgp46mXbFjLrHAGyNyZCJRPkvmD/tFRxGBi/Au1H0UXsS/WrqXu1aOFJT2LgQPvSgKxwF+KtKtc/keX6A07YO+3cVtAYH9pjkI57Hfa8+yCYul/fd8115GgLJ3x6HRtx6B8u2UYi+0D25YDYy93CXV0DpKNeRVqoFV0y9Y=
- DNS ASK he###oge.ce.ms
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''