Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",hwivwnxkd install
- %TEMP%\ins1.tmp
- 'he##.ce.ms':80
- he##.ce.ms/ZAFOezCf9Mmx6hdNRlHvTMiTofO194fatkb9KnJbuvWZSSspI3ZgD7ToqQ93wdtf3259i1stXRG5rfia6YHf3XufcSLUrbOHtnRxxEDHvxI=
- he##.ce.ms/DqlClFcH+VuUbOMy6ZHC8hzDJWu0tYo3bvExprl8j0JVgVSvimnCt/CH4m8sYvi9LpWYNWEWkJO3dEiVs0ZWfUjwYWvPXztCdSJHq1Sjv9QzqnS++0BZ302QXpAwPk7dGXAwYUSFIzvnaTvbvjkzD+aU8+HPux953PjDGhTthRsJmCQAbxsJlRz3eY8a0dbrlBI8oHsQ
- DNS ASK he##.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''