Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqkpxvobo install
- %TEMP%\ins1.tmp
- 'gc###ndez.ce.ms':80
- gc###ndez.ce.ms/vqvyVFGVywiP4ZxcMeQqX/SlJ+n8/ZhXZd7FguPUskcrdUL6ZZWJoWxbDg4yT8IxjyPdOvvqbwJjnLgzowgR7xpfHkho3aAIKzzppn8gamdlFQ==
- gc###ndez.ce.ms/IcueELwUkEF7prRix3ajD8lyDhVoRb5IIPHExbtkdHKMHGsPC+E1yUGngpZuAEXy5YcpPjvxondq++dSqTnbPNbEEMDUuqqb5SNxCvXIP5tm11gIflU2V/uPThbQucBPB0qatH9Ra2hIvEMY3nq+NHY4mN2ehUImWtdR8dXISyYk1+PY3qYCzXJnVXYwtLVy0HfFRN6lfoE=
- DNS ASK gc###ndez.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''