Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",tbjcuymnbt install
- %TEMP%\ins1.tmp
- 'he##l.cz.cc':80
- he##l.cz.cc/cRwJEcYzLdcFgIqD7UGKMS4a6r1sNzQs8tY51wVnU0IfvGDOqmKV9H4eZfQHw3+1q4cmb6G0kZFm2jWpk36H27SHxKw4neN5dIPD6xcULOdSEg==
- he##l.cz.cc/ssnjcxmYwgfcuQ6P0mFX6KfLpnxRWlTPjJ0gfgWxUbHT37xuQVIA3dO83Vy9XRGNYo1ac29r4Ojtoh4B4GxgzPmoL242gMtUldGY5MGJJXdjcRTVKDM84U7Sjgrm1ZdB7C3fvLSmF3U4D5lBTJ2bTCMVckPFwRjW0Wk+QRHvibbV1nwugE3RI2qXzQKgn5mMZ6TcZf4//YI=
- DNS ASK he##l.cz.cc
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''