Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",zevhowyuxtullma install worker
- %TEMP%\ins1.tmp
- 'we##e.ce.ms':80
- we##e.ce.ms/gHFXoWWQL+sb1vjegluAZ6nQmXwxMHVGPJ06ikw2vEXs/UtwL69M5zZtQEbVBl6LVlFWr5bsq5rVgQdWxG8Sqw2fBLk4/gaZAAUwDTEfQ7E=
- we##e.ce.ms/lKpOSpQXoBDhz9rBfGSJuZKW8shFLdVghDm4yFrwX2Bbzfjtv04SYIgMcRxXap8k1I0XzQRAIP5dIEIzQ2DBQ8yIir85dAzHYP2oHxw/3A5Ojb2hVL5gJAALf4PHQINHnz/Sdo0XB1oM9OZJpT5B8PMlvLGEfSXSoroeGpSASM1cPK2WJev+4ZMPCqV7i+4QLrwyskLx
- DNS ASK we##e.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''