Техническая информация
- '<SYSTEM32>\wscript.exe' %TEMP%\OxflhFv.js
- %TEMP%\oxflhfv.js
- nul
- 'public-trust.com':80
- http://ll#########.digitalperfomation.store/?02#
- DNS ASK ll#########.digitalperfomation.store
- DNS ASK cl###flare.com
- DNS ASK public-trust.com
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p Fbmfi2I="%XZE:IASGK=%%7i6Scv5:1BDKO=/%" 0<nul 1>%TEMP%\OxflhFv%ymoc%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt <SYSTEM32>\wsCript.eXe %TEMP%\OxflhFv%ymoc%s"
- '<SYSTEM32>\cmd.exe'