Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",uffwgnrsbhwti install worker
- %TEMP%\ins1.tmp
- 'es##w.ce.ms':80
- es##w.ce.ms/xXevbbdXuOTOrwvooUTql26crXNNuez4kJ7qBrYM3P+aVIk9P8bCl7Mtg7iGUSxX7snya02gSh8vFwRhrQ/jS1SLgnxNqt9s+6dNZEnKXNI=
- es##w.ce.ms/xvOWkaClHoS0MF4LPvcsRnJ7LoM0Llz/qZYm93N6cxy9wa59R3NDcIAskOaC86AQWakMkYAuJpp2YL1XUn6TfEj9TXsNNnGMSIjkuKx7F1VqfvKAkOsteMwaxlvGJQpZi/Iet9WG0WXRg78RV/L6AOBIvqYDDOzUSbj6NTt7dC9ljk3f90yObSM5GJGl51t1XJtNGDk1
- DNS ASK es##w.ce.ms
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''