Technical Information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",xqjtifcdiwi install
- %TEMP%\ins1.tmp
- 'he###rnon.cz.cc':80
- he###rnon.cz.cc/ULhhfUDoBnSx0DNfuN1BURyKrgaVVO4hAP/c8BtVdjjDZe8+N49H04iSbubSBrey02Mnutn3fZmb8kSh47m3XofA9ygjM4E+ZiFj3D+xjagHMA==
- he###rnon.cz.cc/yJtFsaSVETwtwCT8FWSNtdjSPXCsm+LSFi8V7KjKs9DXTiS/jCpizMS6naWybNWgAM9lc4GQ+k3aVMimS4pV0QwZ+g2Xk7QmyiZJhyfhyALm0HIIQm+IBeAsh1yy5ID43R0fAew4tOawv3OtZIZljt0AYGiotumHaKgV/fmpZKuexWsvQAP4eYKe4k452HX/YivmXBogN8Y=
- DNS ASK he###rnon.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''