Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",nykbvgylchzhpzf install worker
- %TEMP%\ins1.tmp
- 'km###ech.ce.ms':80
- km###ech.ce.ms/NchGoYeC2cXN6+IgD/Ph/wzDH7PUAMyyN5hj8aWHqLfzxS+Zhhvf7K4hOnH89SG6TX4vyX5mxGhteBThwevbQ/Ak2eTJk+BZpnyqy8ZepQ8=
- km###ech.ce.ms/SJYwtFpxbO2AZNxu4EPA5xEYTlMLjqMHD8sEcMTw7dwg51ooRWG+EWXZp2zI+Uhq5r+vaJ7q8ai8/AiDhpIjDRVkblxQALN2B3gXg8V5mwvs19/XLRgcEIA7oh9g9Yq286WSjpXRG7AzxGX+w931bAustP3PWUhwfZz0nLaHS82SVr6A1z9WyUZWa+jN03l3SmvH3WYE
- DNS ASK km###ech.ce.ms
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''