Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",nodjyhadbzqjo install worker
- %TEMP%\ins1.tmp
- 'sl##k.mo.cx':80
- sl##k.mo.cx/YvKdRldbE+j8t7gWaKVdEi+zeB0uXQFwwbFvret34+zDspTlekqqfS0ALXe6wvI+b3zmgZHma2YQqnBjg+GNoaHbUcLQnlELHLWDG2nt9UE=
- sl##k.mo.cx/PPcFpWlJNVWmjxwYncHrR40cKDJEaZP4J7ZM+I75rVB56huTpk10N9XYgQqMpcZm+zPi3zLaiTuEFcfpqvPG/wsUDKZoVuRfmEIiToGvzPW2SCM6qLFJq1XwaRRbTMupSFiNhixnZHWmz4A9H0p2Uj4wigTN/5rLknlPxdSQdx0g9TbW3gMN441A1Qu5NGirpI6QID2D
- DNS ASK sl##k.mo.cx
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''