Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",jzzcmhvu install
- %TEMP%\ins1.tmp
- 'ro###son.ce.ms':80
- ro###son.ce.ms/mTwYBDTZfmNlGhW1VX4Jxse65eDAdPqjO0Odf/xdj6710MvyoZzhani2BAc59xNcfw0pWxZv+HChXu6YoazqpmtAu9LM/DWFzBMdUts2e4XL7A==
- ro###son.ce.ms/VMPCWALpPwgmnzj50R8OPlXkWLyqMlthp0cBVzGO1hVgj1d8+qrSkrNrBBsK9H98h/rHvN0uEyeuW8oPk/FgYFLQBcmCXeGwBTip0j2zgCAiNpvfkUJ2TXVX0U12mpNiNGbXzBbJt8lzjkQt3IOWkaBrKp0LETOg+4yJ61fwwwWD3+q+UrsLp9Qx+YwjX3n1wLFwyHGN7+0=
- DNS ASK ro###son.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''