Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",ikoprwxrebpqju install
- %TEMP%\ins1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Bm15cPPxg2OdEwQXqMTeh4mkUeXIgcPstxeA==[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\4pmpgWV4ZOSV0nq5Vm73ebguD5AIo3E20llvjNzfVC7AHFUUvyBZrX8=[1]
- 'ro###qoes.co.be':80
- 'localhost':1034
- ro###qoes.co.be/kzWSAUUbMveQ5ARDjhZ4x7HCxoxbCvcTzcHAghcBqdiUUQ+iFW3DXN1nJhZ/pTtP/3k8OW0av/Bm15cPPxg2OdEwQXqMTeh4mkUeXIgcPstxeA==
- ro###qoes.co.be/DnjpVLubQjTdg2zTNlJvMcMWCYgKaNmAgRczPYEtrr/MGY99JaMq7HbS0iGjyQo6pPINA/NjE71RAbjPQRa6BCaq7lL0aN4ya0k4gKIiGwnVTcROBdDXxZIiR2HQy0uHhKxIKvahdVvVZOziXOi/4pmpgWV4ZOSV0nq5Vm73ebguD5AIo3E20llvjNzfVC7AHFUUvyBZrX8=
- DNS ASK ro###qoes.co.be
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''