Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",obonrruaurtkq install
- %TEMP%\ins1.tmp
- 'ro###l.cz.cc':80
- ro###l.cz.cc/lsmCmCrUB3+OAGkFC4+WJu/QhdpH9CYv6OUQYS1PvzwZiUUN5lvMB4cFe0haDt8nI4DAbN8lnSBS73bmQGxj8SXQL2foHM9WDzsDrZzRIFNeeA==
- ro###l.cz.cc/lKhKFmFE+bCAGFXeCHN8hIwYQ3ZOceYvYem0i7lXkwiQNJT8MxTKkSOHfpUcVFaDs3Ohm9teUK5JTL4kU+ZgLKYj9upb5tXx9qmQxWyI91PhV1aT2wxX+AhAJFtAFYCKgwtH3NpoTFK+uwn6Qyfk1yQWKSQ7EN+jd4rVG2Vskq9fTgXGa1Qi9tNSvb/+akFnJWTCl1CnDYc=
- DNS ASK ro###l.cz.cc
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''