Technical information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",xipunkmrysilse install
- %TEMP%\ins1.tmp
- 'he###oce.cz.cc':80
- he###oce.cz.cc/cpfcTxaftZkLKjg1FCw/fM3q1CMG4SfmAxTRmWDg7+EKMf9S05cxOIBKAmIBiY5D3Z6PZYlpCaDy867Ev3uBmgfmExYxqWxwH/Wnphs/nHw=
- he###oce.cz.cc/uosZZLmq8Wljk4DNN4OZ7ocsCuR3f0xQkSUw26i3LIjcnkaQNSmEuqHHy3UQICaYO9BeehuqrEFpF4S/rB5qBRBwMSmLhbS71xH/DL7SuxvtNFR9sZDQtQFqc/zfbBWeHH/VS51xvducRBqKiC6gNVOPTLLwCS3BtnTzejNpD4sSv6KqYPspvT5ntWvhYPazu91cCPZq
- DNS ASK he###oce.cz.cc
- '<IP address on the local network>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''