Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",toaxtyukdthyj install worker
- %TEMP%\ins1.tmp
- 'cr##m.cz.cc':80
- cr##m.cz.cc/iFlrceZUhsoMP+CfYJ+vhXkJQQ+cR1It5taioQ9C/brxPAUy9/4ayyhBrCFw5eYbY2XhwG1fAMvXAduiytmMnwegrls4Swl9s074vKEeIwQ=
- cr##m.cz.cc/ZcwwegmS0kdgYIBFczeYUixFj0rcdhOIJo5l0obyMp4jyZ9eTAXZjni9PccOg65qesn6WxG/LNINE2+VBqq/5XgciRR2WfPj1dY/m2KaQtXpfLu1rWnNE4GIQAB0G97sWGfX1a2rbbIHullN1GmjU5IRP6NyTCw5rufYA7ghpgUXv6hPAdQENP4GMsBLhPTMaZkuMmZ5
- DNS ASK cr##m.cz.cc
- ClassName: 'Shell_TrayWnd' WindowName: ''