Техническая информация
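- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",vgemvqevovldqh install (командная строка: rundll32.exe загружает файл %TEMP%\ins1.tmp как DLL и вызывает его экспортируемую функцию vgemvqevovldqh с аргументом install)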
- %TEMP%\ins1.tmp
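- 'he###onn.cc.im':80 (узел и порт; часть доменного имени замаскирована символами ###, поэтому строка не является буквальным индикатором)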
- he###onn.cc.im/oGUiysqUeIsONM4I8u1x/36Mu7R9O256tIwQjGsUEABo/XkYhPd/R5ekeeNN38jGWYIC3JrTClPV8Ao6SW4npSVEytstNbGp3nYfHaUnnqYThg==
- he###onn.cc.im/iPgzDMVrifxItlQMv5Ee4hron1XGkVtwHIgmDO3iV/mF7tVlNlz0DVcyPHSF2D0TgvnLdNP2LjUbhWI3gZZla4vN8eyM0A+q2onVifatTCsN168K4bw1hDm2Ikokoem33nxcmwNEZfdEoVHLLPFQiBrUaDhjf30AkRcabSQZP8TlG5TMLIlk69Ih4ygz1q36ZMysBlI8yOE=
- DNS-запрос (DNS ASK): he###onn.cc.im
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)