Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqkpxvobo install
- %TEMP%\ins1.tmp
- 'sh###arn.ce.ms':80
- sh###arn.ce.ms/StTGrxKGedCshxZp1Sem4NQ2u/juggIPZbN424f5EcS4fA/CySdh2lbaK9SjlTac3/8dP/kiY/4A7D5IJHr0pfWWBzHxzrBxXDQetHZWSEaiWw==
- sh###arn.ce.ms/eMBfedcfOrmeowS5zy3NrnyhQBNgJ0sEIzaGHRCSilI6zdS2vH0/ItTEpV8XoAlXNpSbeY14EQWjiEfNSS9BvNIJYyRq6IdMgheTKljdBSWJ/aZdMQqcYTApE4+d78R7O9cSfZALUCH61X9LrRNkmHwRD9WNqVyOrIrzbjO7nCNdO8e5Xnv0L705EL6aSf36u52r8KGFokw=
- DNS ASK sh###arn.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''