Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",jufwyscuoumnb install
- %TEMP%\ins1.tmp
- 'fg###ey.ce.ms':80
- fg###ey.ce.ms/HyZYPKcYXX9DatDSVQYV0pnu84Dge4NyoZpxkmtTmDPbCB1tzhcEkuDy+0cmIMrX0MXenjwhgd3EbTxor6Pu9BSRvN89C/KMIj69UJBVe1MCwg==
- fg###ey.ce.ms/JXiYHDpbOej0NqSegDlxGalU6xavuGxorZ/iof3vftVfjwPDMncQfgvNB2WxUM1R0VAOP6jmtjgVNJAtMVyQP34t3vWO+UVzSK5xpjaQf4Z1aHF01dzNfsG/gXR0ncwitahLp/njOL+7aaVZe9MvqSCfvQ84mbSlMDBKYz+BCGH7puDx79kfibsgVHnH6SMuBuVDdb16nxc=
- DNS ASK fg###ey.ce.ms
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''