Technical Information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",tbjcuymnbt install
- %TEMP%\ins1.tmp
- 'ro###mel.cz.cc':80
- ro###mel.cz.cc/IMjVaNwYmt8hziWC8XhCo/oPExryupxH9d6ieIbnSVFhqg4G/ohhSabqOSb00uDHfwuVxiSylBRGGRScgCsA0f8pPLmtxRhAdhYHDcyn/su56A==
- ro###mel.cz.cc/WEwVnJDoh+u8OdEU1yMdcALLcYC6oqTLxLdXdbvOy7SwQSY4kBUogbojKX5gP91emg0Z4wWNdqwtdpqidEkA5HFfISzw7aUwN6B4qltWipQo2Wsrr7A6L6AWRL3AXq29kmXWXA2T7ccKn/oS7xDOiwVIKs0ZSf/ltUpBOXCgpG79+asQJEXOgWlP3X5XxfdMlpKszG9l9g0=
- DNS ASK ro###mel.cz.cc
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''