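Техническая информация
Ниже без подзаголовков перечислены наблюдаемые индикаторы: командная строка запуска через rundll32.exe, пути к файлам, сетевые узлы с портами, URL-адреса, DNS-запрос, а также класс и имя окна; символы «###» в имени домена, по-видимому, скрывают его часть.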
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",fotixjvcrxzdzyo install
- %TEMP%\ins1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\L1RC2tvunOgwPxlNxx8qGESX6hSSTeQ4lBO930oo6ZJWTS1Jh0KyHwpNPa73GcFJcscxvZleQ==[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\c231slsAaXK8=[1]
- 'sa###do.co.be':80
- 'localhost':1035
- sa###do.co.be/rcvxYlsBYS3OC7dsFT5LIRXo8w46SAZg2JRs/L1RC2tvunOgwPxlNxx8qGESX6hSSTeQ4lBO930oo6ZJWTS1Jh0KyHwpNPa73GcFJcscxvZleQ==
- sa###do.co.be/ZFSOaPdHLIZZrSyqiM0eOrMZP0X00bEhIhDbcWnCneNBZescwFKQ35TzjP8ag9E8XeN/RHKwdU9eRVRMrnLHG5sqnVW2CQXYcFhs+eTaM+lwrAL2EWDzhJdGp7ZSrBfMyuNAXzPqR1lqtxaTK1Hzq95SHnOida+fr2wnp2c6h8sGB/WiMurgEjdSkTJ5V3/c231slsAaXK8=
- DNS ASK sa###do.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''