Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",zfubgasokzba install worker
- %TEMP%\ins1.tmp
- 'to###y.mo.cx':80
- to###y.mo.cx/RpkItIRhnoAF0H9CYrqbzij2qcZWFh2dD9rsax+Y/fhiOYs6GU/M2BII5ZDF/ss6yTPyvxJ0fJIP8aO2+zNV19LHbuPkOXpWdn0KyKKcKoA=
- to###y.mo.cx/okJQkFkeUi5+udZTRFlAzeftGazBiMt94CUqmilGKlw+H9DM/d5DzxoP1QgUSKu+Z57dRZvcgMYMa1W8qM/+/Qbquai1Abb4sH+QuZ0WEDDtBgdO0ZQVAnywvFZ+EQbi6Gk6pzLV4vxEkNkDaftAQANiyDkufscafJBcatRznALH5Bg3Sst6nGtNFnOPmF6Auz39Id4F
- DNS ASK to###y.mo.cx
- ClassName: 'Shell_TrayWnd' WindowName: ''