Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",tbjcuymnbt install
- %TEMP%\ins1.tmp
- 'fr####pelo.cz.cc':80
- fr####pelo.cz.cc/uDgjqtFY5+O4FzpXET9rory2nka2XEx5A4ty7rQ7jJL/7HiGEM2gIUyo2ZA8k9BRG1ysQxxpREa05PC3Nm0ixMVJR5CHYjAUkqMIirC+k2w/uw==
- fr####pelo.cz.cc/HhuOVJau6/ReDe0B4YDtWvWRzZ0aDkSzLo5EItHoTw6CICGtFd7Cp27of5xN4kJjG83+uSOseffA9BJgPclJnkVl5FJRhEsJhNRnaPSA7c9q03u4isyZjuuoAs1QhU8oVtt9lwXAMwNDYNHBa2smd2iPHVYcaOZ3YMzgAobvITfvmA405MYEbvyTLYkRlJaYPb6To9zrNnw=
- DNS ASK fr####pelo.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''