Technical information
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",gkphcdxrm install
- %TEMP%\ins1.tmp
- 'so###sa.ce.ms':80
- so###sa.ce.ms/FnZRyoZih0KLLMoRpJSRbOEq+0w0WaNbKxtUZM2y538rFeL+O8kwpbc2pRybrSz4MfRxnEMAOuQinJODvocZV1MJjU4r4rBxnzhntBfyC4qsrw==
- so###sa.ce.ms/tXaykjmGygDm9/srZof5gHpLkY33uyQPyD/GtoSNomGwFNC4DUVZqHSKT7v3vvGavyp2Wuw+aD+8dxGa1uTWV2XQPx9Z7KGyaMBu3XII2IzpR0Lkj9Kmrl6kfSN2V2pK19C03XAjbX7ZPmr9/ZVnI4wFjayl50Ibls8egXJLdvc0iErYT3o/0RDqs9CQKyYwYyHobq+qi5Y=
- DNS ASK so###sa.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''