Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",ixmhcrfw install
- %TEMP%\ins1.tmp
- 'yo###elo.ce.ms':80
- yo###elo.ce.ms/iQnMfdnfAdA9U5ou5+Y9xWEEVxjUNHprNjPrYh+C/DeB9CW1g6seSCE7KCfcT0i04B3UgtAkt93cIDMfeHUo/TUKr/NJWxjszz2RCNBuE6inwQ==
- yo###elo.ce.ms/YAFdENJXxkNvMsbVcCalZkPwr7lp6aL8boJO/LrmbGuyhUqxHZl42jK6jiCQ65Eq6lC3EGDvO/OF7c/O3/N8uJimCSW34XG5LoZqC3hzCX+aR9RR1VF/3t9Glq0ySpdvPGF4TWlSyF2qXYfYOo1UjPMSggP9YjkffJ2S2k7K4JOFuLZqexL4MyIYHq0V2fwUUneTrMgdklQ=
- DNS ASK yo###elo.ce.ms
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''