Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",hwivwnxkd install
- %TEMP%\ins1.tmp
- 'we##.ce.ms':80
- we##.ce.ms/ifcdJpfM15QQ4kRFzQ21NdrM5ikcTdI1xTXdTSYL7wkfdwJELGrAhPc5GrIJ0fzMhR4kpK2GCx3oJDQ5/YJeNyCnZoGh4MCYFvDWzzAkb44PVg==
- we##.ce.ms/AnvRdhLgbpXdeG09SyvAdCXfpt5VTmckBPCieLUiTmsZIBqB7bJFyViSDJ86/6cCGNNDyQZHOKFm/D7Y5cSXTAxGg4481KS9Q2kBcY+SmE7BvxhH8ivmChC5OyazeIJI8UUGqW/mrA9FwaspDUnEr5ZMDkxtGz0qivpHsKl+p0xguYcwowMx/rrG+jH69ZPoiI5oOPSsHnU=
- DNS ASK we##.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''