Техническая информация
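- Командная строка запуска: <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",mxjtizdo install (rundll32 загружает файл ins1.tmp из временного каталога как DLL и вызывает его экспортируемую функцию mxjtizdo с аргументом install)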
- %TEMP%\ins1.tmp
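- 'he##n.ce.ms':80 (часть имени узла, по-видимому, замаскирована символами ##; символ # недопустим в доменных именах, поэтому строку нельзя использовать как индикатор в буквальном виде)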
- he##n.ce.ms/yZKtiXFWmIkgaA+oL9m39OuE/K/Et9N8l0aGSvqW/AEthfOKilx+N+EOPRuxRtgDAyNC4yAEPIcJkcb+FTcNKv8fiooGPbFqikcNf7PrkMNDGg==
- he##n.ce.ms/sGjGBdVYey1+GNMJCF/LVCQ03ZaZ8axNIBkmdc4bKmq6VrMhUY4Arrnf7qgweMY6yt8rQKSRbA5Sv79RAmT12KceZHAlCqtYq9DA2pSnyj53vUfvzIpDfD2hsg5n2kcAyVm9N1cpvTeDuumW9pGaEYJ7Jx8eLNySwy31KQ3nReTwGQWlvPs2vIfnDeyhBPRJVjOB+lpD3ac=
- DNS ASK he##n.ce.ms (DNS-запрос на разрешение этого имени)
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)