Technical Information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",xshtnpdcbq install
- %TEMP%\ins1.tmp
- 'de###ck.cz.cc':80
- de###ck.cz.cc/xqBwuNyAH0HD68v56tkTR4vIH/rhRAXq3wOmm6wILATQHlOL78ZS+34qnWAi72l+QL43tWJUjvkBu4B1uBMvCzdWMQwlWT5MHo+a45x0S3w=
- de###ck.cz.cc/aFuQlUcIJ+U07LAuC/6VHQ5ez+UCufEfOtj789Mvsi+zkb+01sNRbSOM4sqU/rzJnbrehk4D7CNo51vRra8+ZTcqpKHGQt9i787UU74b+RsSCRy1vI+lI03LNiSFDL7QoeSP3Zc9PeSxXnrxqwBQAuMo4Z3f+HVk1zNmleBl7kR+uPezoIFkZYOUeMFcQHDeAHzofgzw
- DNS ASK de###ck.cz.cc
- '<Private IP address>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''