Technical information
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqkpxvobo install
- %TEMP%\ins1.tmp
- 'to##y.ce.ms':80
- to##y.ce.ms/fNXtBjzERJmoc6JSbt9/5sZRd8pJ+6+VKS7wJwes/Lv5r6o9FlvrF7xAm0mNp94bhjDIHmWcF9MRdQeLUPJZXuD6/KHyn0xLDpTZFGsWs3E=
- to##y.ce.ms/DhiLpopwcaVBW+dwHjIA2J6X5X2RPdZ2EEA51aloOKtpbyyFOPb4nZllxrvFlRC4hEsMz+eXZBUreBwN9o9N0L4TQU/oHWEZj+fooG0Nvb7WyhOZEHsE6kfd5C1g2yA7FiQ0GYOAdfpIWIjNfKAox4WgxxZ3R/LDUZI9m3h3RMlhAHd+KUke67P1BPFGh9QCm2mXOTav
- DNS ASK to##y.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''