Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",xtixxqqhgrvibd install worker
- %TEMP%\ins1.tmp
- 'cl##r.ce.ms':80
- cl##r.ce.ms/gvqsVUfqPTDfzJo6jr5qJqvrOK9CsYy5BzYjmAbI1F9B5GZdJKCcohw+TdwszCotpPX8W8NfdUmW9AH5U6neO6kK3y6JapRNlyn14ZkA0MI=
- cl##r.ce.ms/lXqdKhvsgoUKRLmFaMgd86WWhbcdtd02YETGmEWSfUSuDAGjQHkcN9uBcrn31caBfQz2DqBaDczASgp5I67Gg7rmIrYoKz9o/mZNUvSBvbxLYZ4br9OeX9ZbD2GFNdLoJ7kYD5oMw5P+uJPtepGt0usjPdzlv97ceyNWX7Fx6Zy+AC1CnKECTtpJyjHDQ3ttzIx/LBNV
- DNS ASK cl##r.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''