Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",fzxivwzqk install
- %TEMP%\ins1.tmp
- 'mc####howsko.ce.ms':80
- mc####howsko.ce.ms/aVvpgTalBb0rJq+7pLoEfYNSlrWV38UAXh78fsKMSczwjCs5GHvR6qnFocBA8kp/KrIZ9RDjoOL2BezeluPpLRBRgxClKsv6DHJdvya54w9ONA==
- mc####howsko.ce.ms/RUYDwBmEGB3unH5S6ziPvr3agxKsBsFHLIMi/+oQKTFqvuJt/+vnbngynRmUOI4/F6How8rBZ5EgfFywCtlsah2V4wluQ8oU5PLXrlJRhEOKfLHApgOSWI0LqH2crmylsPcU7gyzawIO6Y1gHsK2zVqe8qq2W1NzDixAdNv7ycd8IFwH9Oy//jD4LqgCYHeXDi8rDYND7aA=
- DNS ASK mc####howsko.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''