Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",vfajljqyjdqxti install
- %TEMP%\ins1.tmp
- 'ho###ns.co.be':80
- ho###ns.co.be/mpRrTMjZlt5zvQole0OzLMDTQqH9xXB5clyljGlU0tWeVY3S2TboF3EwryOstrcOTUgumNK4ErrSGzBi2eFzcb0PB42l3KeMJ3OSIKdFWovdVg==
- ho###ns.co.be/PJhAGWCgheyxWUGPtbDd1Wcuq1j5tcw2VR1rBfrO7wxb5tZT/LvohVMYTY7BdmHdJf0Ui2wxDpbHiU1wbzeyGsj+PNFmx2YINNFbRyn8raa/DDlz21keD/vDpl4u0cgeRFQC/Mrb8hXKD/t1Os07WGU2IfOmki3FcPjP6wyokhkMUxb4UHHx1Fj1e4IhFSVsVsmOxEI9c4c=
- DNS ASK ho###ns.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''