Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",pikwlvxogxxowg install worker
- %TEMP%\ins1.tmp
- 'ge##r.mo.cx':80
- ge##r.mo.cx/DTtupTHDnXbmbioYFE1CzXhHD6yi8SRpE80QKg+BHnR0fy/leicEw8hhMZAxInHhC5qMjcvPzsS3b+dCMtozr7liBLK4H0NCiTpZmAEUe1o=
- ge##r.mo.cx/QJFrbbgOTlGk9DFV85jt3lXPLgWr57xlFwf4wnvYpPsFVa5amEd49PkfToTxoQbvy2S8nje7TX4sm9L0f43n5i6+uERxIGDeskpurK8sTxBNix+HxJKVpoBL79mpRwwyTMnnFg86vLjeFaJVYH/k3oxi+KJBa1Xh0Vw7v3lqNYakFkdYTg3RTug0fFr7l7A2XZkEWaym
- DNS ASK ge##r.mo.cx
- ClassName: 'Shell_TrayWnd' WindowName: ''