Техническая информация
- '<SYSTEM32>\wscript.exe' %TEMP%\8Ij.js
- %TEMP%\8ij.js
- http://5j####.a3xxwnr7fkeo.top/?6/
- DNS ASK 5j####.a3xxwnr7fkeo.top
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p Z1TLG="%CDJV:SQQO=%%3GB5:FSDEM=/%" 0<nul 1>%TEMP%\8Ij%GIC%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt wsCript.eXe %TEMP%\8Ij%GIC%s"
- '<SYSTEM32>\cmd.exe'