Техническая информация
- '<SYSTEM32>\wscript.exe' %TEMP%\u90aUFH.js
- %TEMP%\u90aufh.js
- nul
- http://w8####.yvsxqwt.buzz/?01#
- DNS ASK w8####.yvsxqwt.buzz
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p 69IFLKn="%BWS:INCRH=%%6luk90d:1MNOQ=/%" 0<nul 1>%TEMP%\u90aUFH%ycwf%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt <SYSTEM32>\wsCript.eXe %TEMP%\u90aUFH%ycwf%s"
- '<SYSTEM32>\cmd.exe'