Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",qwhmeowaq install
- %TEMP%\ins1.tmp
- 'ch###o.cz.cc':80
- ch###o.cz.cc/KAAMPxsnG/1eK8c8Zy72a9D+s/hpVL/NTegfZJ+as2Hf/ywfDlgw3fuAqrcT5g2eI6iX7sM2Soguy7LGEvfS5n63LFQ3BxF5BZxylxx+OAtiuA==
- ch###o.cz.cc/sduOgqDVQ97Z8aqyVWjBgYAbIdFRySTDBrLWhHaRHRma8ADyWjJWTIfoZ38ttpnGjconIofEujvmct6UmsRLPSlytst8fQxotJFVMy62Dk9tNEys1V88PaV0ST/YVusoqWZLaqzeJXatJqpvUGit+Exwtzl/JbfiPh4TQGd68tPLFIQD4Qqd/6CarOXLyZQkOGCRn5vHtFU=
- DNS ASK ch###o.cz.cc
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''