Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",pyhkaqgoudave install
- %TEMP%\ins1.tmp
- 'ro###o.cz.cc':80
- ro###o.cz.cc/prHOKBBFSE9m2p4yATUeXYx0B7fvycFWYELxwUxMaQGhl7GeEL3j1lcU8frWs5+QuTQ3FQoDE/OHa9n6NOpChx1tSKyUchZLSEhgrVJUCBAPRw==
- ro###o.cz.cc/cPQWdVSGVeREqKDjoNtoFIFVVs8TLiXo9krM3S/0sVHit/iFEd2TzLmS5Cdp3TdZsoE8vBN7twScimWdJ7JxmLVQoTSG5cCHbqa3TSdKwZapXylrEvcrTUMrh0jadCIfiDFMCFcVdA3U8nATX3A6sv2Bh6OwF2JwmSt44F4SeU5+61nSgtVI/hMq1Nw4bcL8nrm1WebAENI=
- DNS ASK ro###o.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''