Technical information
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",gzqolmkwup install
- %TEMP%\ins1.tmp
- 'sc###oh.ce.ms':80
- sc###oh.ce.ms/OPLUZSMikPYEwbyUScfA+w4xaWZlY6sdjxsS1owQh+9R7rtc679R4lFxR8JvIMbzoLF7qrHN0zgso0YH0iY0iNUIsneVLxEFoXZUUFa2vUkxKA==
- sc###oh.ce.ms/zaWQkPgVqnCxCl2pqlWJSp6xWE7PrLWsRgDbqnmJLm9gnhQQAoCUf7bVURWkfZ7ZakxTD1OevPxIF9d4c87SdY76VzZqpviWgDJ4u4aeUTgiRx2fkgbjt0C7hNAxsKhDedSufMyg3BBMdROaH91qbCIDdNF1m6++YV0+ORDrEShv23li0+rUwbkYynlxKFDk/azz0dIjMiQ=
- DNS ASK sc###oh.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''