Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",ypktwvkxscghwrn install worker
- %TEMP%\ins1.tmp
- 'fe###r.mo.cx':80
- fe###r.mo.cx/ARUFnpFiZAbSEa0IJiilyCVAWcHWBGsCdJqgLjKrjS9IsI3rlm3ygtiFQ3oKtPEGBQmFvg4a7bRoH3wu+KSruhj3i7wYn6TgrhlyW6hBdXI=
- fe###r.mo.cx/tXUlCFQXMvGrDi4Un8bV++v/bl4RlJkyMVs6bs0NE8QHW+4mvvMTDz8ldpqkUueYvkmyz3MJFyaE6rGyThP+ZVE+XC/bYVq0OYQTn6kjmK1YGHGMeDGnDO/RaWQvmJdJWIj/PVSyPwbpuzby41PI3jyovGOPFMDQz/HTQvquIoqW2AwgZyhEtQhUqIqNBA8ESOAPmVGR
- DNS ASK fe###r.mo.cx
- ClassName: 'Shell_TrayWnd' WindowName: ''