Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",gugsaxfq install
- %TEMP%\ins1.tmp
- 'ro###no.ce.ms':80
- ro###no.ce.ms/VWXirKRDjbBTDDFyb3/yquzlXLPjqjVDwtXDkWaNbSQqxXxiWdldT8MgFbieNQLCKd6WpPCgdx3uM6hPsMZzO8cjf/EwvqMjvjCCUIS7CYKZwQ==
- ro###no.ce.ms/THpdvFGAFG//Hqf2gZujC89q4QI31XAY3Qpb+MNh88UjpFRb+CO9gVPJCUYmcrSKcJG1gKbF3fhsIQkK/6SJDTQIcRaDKYbMc3RhVbrIVxmSSbRwRIfsQU9iQoXicfawWxvW+n9jdwx39E8bIT4QwLsMhhRlCrVzn4rwCAExA6CKSGrgAwiQPgEHyVkW8XP+1hZwp9wG+5Y=
- DNS ASK ro###no.ce.ms
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''