Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",jwegqyayuzcrb install
- %TEMP%\ins1.tmp
- 'er####pelk.cz.cc':80
- er####pelk.cz.cc/LikpIwmkIpMD7FGeV09ezC2agiOjtYMQ11vsBkEcI3Oy7ontMgIyqiSzDSZ0l1rDx4eZPAwypRNWu7GeKilJ4faS9dEM7Y8kBV5chtpBb27Gbg==
- er####pelk.cz.cc/ttxoLDEsC/OQeFqQsMDwYGQqxzAQf2eRd+Fj8fzDIhBIAaTsPZuZ2gYncNK2QAIiLpo8QgL/BNBVylDCH5uJMfWV3Q3MNj4JN8ifbir6ugK1oOH1kYf2lDS+i9REnQyFzGOvap6JHZdekMqwTDmWGbDtA6Mt4qUp2uLNiVnOrpYJFMyG/kcQUEIVFbsXwTtoYtfOCxZujR8=
- DNS ASK er####pelk.cz.cc
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''