Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",xdxealzgpysj install
- %TEMP%\ins1.tmp
- 'sa###nto.co.be':80
- sa###nto.co.be/boGsmGWZpdBBUhPSAa6ee0NbviXdqEDgWd3CmME5wumLWRfEPk7vJ6mL5dhczktF46GevRoJRlgrOxxEonh1/HRTb9fCN9lCMdGfh8jdtKAV9w==
- sa###nto.co.be/FcZZCukzwrCcVWEZLD2w7GGMi+x+QsDTMAfRH2vaRKOb5PIfYOvcGENIgSgc8Xiin2dsyW6qpfr/aR5zH00U8LwFd5mevZgz2uCvbGOXnENLXmc5pjpxTnEPJ1qsAn6fZBDRxIriDt6bjfn31yI8DrasUFKIYTXgFUHicV+zJAA9V0KIz+gLWbReo+Ockn8UcU8XyNN/5AA=
- DNS ASK sa###nto.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''