Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",yibrimressdwfwb install worker
- %TEMP%\ins1.tmp
- 'fe###oe.ce.ms':80
- fe###oe.ce.ms/vXtnxnWZ4IK0V+JO+hEeh68cOAWGtl5ayTLFu0vu6LAESxEZcmEkHjM19sq5fjrkaDLY83te6moQu68sHlwVVF+LJHsXOc0dm9cuONcW90s=
- fe###oe.ce.ms/gXijhGCmZbfyCOhz8KCQwSabg3ERrHHRfyCkmaGSwNcTdcFxsk5IiIfprAqYP00xdkyKUXgEkbY+WUjvuXKljpNN2F/onVZztrQJ5Xy//8ixoOQ4QGV73Hp0FX3jld694QSyd3PmLUIowlxEMCUjDIu2SqZGAX9rcwZwp+QxPSR2eS0kfuBANci+EaNkn1fR2adSOb4U
- DNS ASK fe###oe.ce.ms
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''