Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",jwegqyayuzcrb install
- %TEMP%\ins1.tmp
- 'yo##s.cz.cc':80
- yo##s.cz.cc/VIXOZFujJgYCFlav3H8069tSLPyQ9jRXF5MmIvh3ZxmlojOTuUNaP2D/j1AcXfYBoecIrc9xnLomVtPT1HntEoR0FffipfydNHW0O8s3pZwbCA==
- yo##s.cz.cc/TdoDbdUn1h5QkG02urjeok/Uw8DClCHOSkLcxoQ4b5GBSLJujSEflDNNOI6mV+30v5Uo0uptqmyttRF7Hg9jRuRCUqJ3RFqgBTY2VMzN/o7RVjUa86uxdv3qBdVc44U8VMU6H9/j1Q4KdaiTTfTfJtZtFa+KBIglP5htUAXZApAamWPRUdb3tlIVWJ7OJrHUPBGkR0bgLV8=
- DNS ASK yo##s.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''