Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",kqmryujwnsi install
- %TEMP%\ins1.tmp
- 'sh###y.ce.ms':80
- sh###y.ce.ms/KkCwjMIo3443mOUUQtGWvF/O2Ga/8ptJeRNEpJ3OKHtF4wdtaJD3hZFwGAAiIDB+hycoWBmL0W4s9TJAsESG9wRq0Mt/ZdSV13ERIKc6hDbBoA==
- sh###y.ce.ms/NuoVnlqyWeAZm0Pdfx/zxQZG7kLdV7E7TFCQG9wGdvz+OwG8aYY2i4lsiOdqChF+gMuZm1Fsr42uwITs0OASPbhpj1CQXReR6/2afVSCjk4T8Fb+qVbTTN71aHVn7JnTLDmHRqnfSIynlOxC9xhJd33P5sMA29DXRQ8ZvBJoUABKwutRY8ZfxUDTv8WmxeQ8mfymxcPr9Us=
- DNS ASK sh###y.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''