Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",xncujvchq install
- %TEMP%\ins1.tmp
- 'de####onsa.co.be':80
- de####onsa.co.be/YtUaoefyoeK3corSsOXZ3ANG1QwMMPAnmZ5rDosaR1TaZRl5NTeFLJzBfVabTaKZeDb5jujsCIpPscBLh4wqBK+hT/Aw587u7pcidCtuVG3zag==
- de####onsa.co.be/kcvoHXNLv49zcEtzH45t3My1BrQATdL2LZiMUW4oFAAXqgXETFj0NENHi74H9AuOktjpetnbzs3EDGJfsuk6hab3Ke2IsiU5W6rDnzomPjcceT+NSEDs/DkCX06ZLElUHXcpFHncW7CmWzHZDxEWC6ppJZcIRe3O/qSwcGqD72T32L+eX+oOv7jzeNaHUi1p4RiLr3UKy4A=
- DNS ASK de####onsa.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''