Technical Information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",yyxgkxpqsidoryr install
- %TEMP%\ins1.tmp
- 'ro###on.co.be':80
- ro###on.co.be/czacgDFLgo8uWibad8efwhdy13Ka/MJYXcnkjbQ1r/E1awunPKcx9hhv6IiUKxzVBjLwJugfWo4FsF7K+56jWHWZP2vRRsRSvj3qqawWR0o=
- ro###on.co.be/mtaeuEtM7x7l3Tcg9t/exmx32kiqsoCsOln2lAa4En4c7dizLTyNdnAV7JYz4J+o7pZsxJ52ywzUxWvqn3VwILLlUpKuelXjDiLvihuOotV/T9h+BdLpJnsedtmShI2xOXPTOtEzv5F8+bBNg71KEQCFEQfpE650/UvqGMKI2VYzEcw+aW00ATiauNp6M8i2wAbIaCqG
- DNS ASK ro###on.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''