Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",wdtelvnjbuqh install
- %TEMP%\ins1.tmp
- 'wm###how.cz.cc':80
- wm###how.cz.cc/zuQBLCcaP4Uq70rFoU42PRDjWrr8+OdlZoKj8u39L+wvLFzlvxpGxx9yAJ8OVSs7bL7oTkFy0qe2zQzTPa4+rKBkmKWPTvCN0f4VqBd4baCEuw==
- wm###how.cz.cc/yfUDcGISipsXXuE3HkY+nOoW1ZJj4QTykYa/aYQjVnJkW92arLwMm1SVILMeeLjxLwTExWlYCP3CoVVq62vLF0N0YWhmSQUpgpcM/3RZCGyfTDJ909RXKU8uPHKskO/cVnIWoeAwhEwl1hob70VgTvSupT0C9b239f2wP9HkuTmwqnKAHo/DN4LHpCu83UTTB4ih3PDLqAg=
- DNS ASK wm###how.cz.cc
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''