Technical information
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",rsgafgiwd install
- %TEMP%\ins1.tmp
- 'ce###gein.ce.ms':80
- ce###gein.ce.ms/OUmEXczKGk66i6MvH0aAZBt/Z1+ezICrT5GbdHvQJne1ohg5o4Cb5pBNc0q2EQpJ2NP0+uRX/FFYosvYjFAyosh9c8+YctFaEKgEy18DCaazoQ==
- ce###gein.ce.ms/huWATkxUAbq5Z9Vq/x2Ixemhv//KzVqSG2U9BoOV/n/FuXpHPu3j79g1aiUA7AKn7shyOCttQiLLvC4UAYSsFmEMi/Q9/IjMeTTsMX/NV2QwVCOh7FZnYJH3CGonb7Q+RGF4YKzVwFytSeuHATk45eDf030o7gYtMeKgoZClbBZVgK2UKzQrFEgD2r8Ed7/7hnIEEpeeTFs=
- DNS ASK ce###gein.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''