Technical Information
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",gkphcdxrm install
- %TEMP%\ins1.tmp
- 'le###zen.ce.ms':80
- le###zen.ce.ms/QskVHbNyCm5W04N8xTseROcwjwy7EIktu7eqe7Wh6AkdCl3S2j9KVfT1zwkh0Ubjis7OqaiudlrojhZsl4uNE2WWB7D1YBJeC5na2lg0qvb6Gw==
- le###zen.ce.ms/LslyCodc/JFMFjmVK1+EzfnQeG/oZfQ9y/W+yycC20XwkMJnC3rHo+16USUROJfQAEsIdI1SQMhM/VI6M5yesZ0jIZw89ZkSKEL9HNQ8tAnnCRWlAcmeySqAYxSqBzKc6fAvXos1D7N5qVjeKxsa/1m/wbZJmb/Nsc4YZAujesyrBnTBXyQxSk/rKOPHZJNa5iVGxBY7Qks=
- DNS ASK le###zen.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''