Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",tktqiitdf install worker
- %TEMP%\ins1.tmp
- 'th####andgua.ce.ms':80
- th####andgua.ce.ms/QHSjUePsljQeEX7X6mWmC+EcvSs/81jRiUhhPedcw6PkK/uKQoJIt/4t82oHrSVWIeq5syqpKXUhuVNvm4iKqciUkdJ0LdJTq0OleUdL/eM=
- th####andgua.ce.ms/dXuVkKUNJ2wTDFUEsjL59lLbe2yqATLSHrK0iF7MtCANAz7DOxWn2aMFgBMkHn6TUqBc8RbiLf++mJLGSEQctpzmeoCJnCMWizJF67A3aeQNRyYWBzd9YE/t3ZgMV3hhjN8GfGnSESEJlYwTPXCvH5Poy+0VLxemJI3mQBLf5+I1lVk0+MGidxOFcXo5jIqCPoDa8lMe
- DNS ASK th####andgua.ce.ms
- '10.#.1.1':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''