Техническая информация
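- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",qnwvvhtjaambnev install (rundll32.exe загружает файл ins1.tmp из каталога %TEMP% как DLL и вызывает его экспортируемую функцию qnwvvhtjaambnev с аргументом install)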
- %TEMP%\ins1.tmp
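- 'le###nger.mo.cx':80 (часть имени домена заменена символами «###»: в таком виде это не действительное имя хоста, и для точного сопоставления в журналах запись непригодна)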
- le###nger.mo.cx/ZQKfSqwVkwodqXEBK4ePMfnddEZgjVEP6BjhuUafjWeDolmoxF36wuEPj7g0xbaYmBPeXXfCM5C4GhN11iTcOnGrsi7Jv7/9CaeSGWC7Ik4=
- le###nger.mo.cx/JjcLbHlbyE5j3oIjQM1cX35Bo2xtxVpfkAJS9L7aKR/JT35k1zE1hrwVhN6VeXHNRUnyYPjZN7V6C+9Ed8Slb/WXFINjTzjImK0EccLVXGz8/kECILpeCCdpnUSvKNqgcK1jlkasc7KMozfsq3Or8L2bp++aweak2dHolhcaZ7RJau0p84l/Kb9c6Pc5G1ybKdxOwuU7
- DNS-запрос (DNS ASK): le###nger.mo.cx
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''