Техническая информация
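- Командная строка запуска (файл с расширением .tmp передаётся rundll32 как библиотека, вызывается экспортируемая функция yibrimressdwfwb): <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",yibrimressdwfwb install worker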
- %TEMP%\ins1.tmp
- Сетевое соединение (узел:порт; часть имени узла заменена символами ###): 'mc###lo.ce.ms':80
- mc###lo.ce.ms/jzkSBqRze19NfRFROzAlcJKH2ndY166uBJeMs71KHHS1yMTnTQNzHoPM83et72Ryt7B6URqizAcsoLNNUzSXztACO5+Roz6DrQI7TU9hJ8A=
- mc###lo.ce.ms/yxzwyjrv0Szpap8XGjzd9T2Q8qO0K37IKlTFRFAikPgmlmXDvMW9c4s4R1WKZCN0hOQ7qSWNtUb6GFZDYl2u8rbzSYr+lVnSZE3klku/f+doBKjAhxvwJ2D+BsDQuByr9vaPh2SJHkCvgLL5N+mlCqLe3B7HuFVm+zaG8AUpsBhiKj2Wp4TSgB8eA2K0DKWrLSMxBvXO
- DNS-запрос (DNS ASK): mc###lo.ce.ms
- '<IP-адрес в локальной сети>':1035
- Окно: ClassName: 'Shell_TrayWnd' (класс окна панели задач Windows) WindowName: ''