Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",pyhkaqgoudave install
- %TEMP%\ins1.tmp
- 'ro###o.cz.cc':80
- ro###o.cz.cc/NkIwUWzfOU5evT9f7iky9AyqanCJb0YP0MpsZRUP0po1DAnPIcSQlxoiIAw0q0vGMTTG313tTFr59kfpj63X2ClGUeRK/OzmEMRKV5Lb4SpI0A==
- ro###o.cz.cc/NMWiXybP8WAWbPtMxQd8PlKdngnOmb6Kr8Q+31inWA4ejg0wmSN0XpYkGpSdQhr2oLkIKJfdZlhZMtMhZmQJ605MmSBfB8WasjlhTySz+aa2cKgKUDiFDAS0H2eYVrZ+zo/thLFy1+NA/mCDXrV9ZcXZvO1k6ZWDDdxAuSJwpA8gS/XQ5h1aqSnceWTttghR2lkM1Gioy54=
- DNS ASK ro###o.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''