Техническая информация
- '<SYSTEM32>\rundll32.exe' "%TEMP%\ins1.tmp",jwegqyayuzcrb install
- %TEMP%\ins1.tmp
- 'ro###ld.cz.cc':80
- ro###ld.cz.cc/MfmHnvGmfze1PaMn0wAt0VAxOF7aW/sg+nZ+9Zs00N9RUe7ynSAuZT6vDOE2stGE+qX78Y3PBgwMSGY535OjRf80FIuo8bPDHYkKLcsPt8TyiQ==
- ro###ld.cz.cc/sTHgjifOuJbkK6HyHJo2r60Gtkny2jD+ofpj1Q7GY8FQ7ofnGbgzrtVZcNjkaUkj8y+LMRya1mmWULjHcWFBuF6vOAjVQ9hooWgWZJR6KCX4LEAqQKOZY3EJNNrBeZTkdipclzRC0FtCTJ+ZuA6tlRCU0G1VnOc1ZCJFl2F9Ai9JvoqOQs8xFbPxhCsE7+Pd1jf5lb4UJQQ=
- DNS ASK ro###ld.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'