Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command "& 'C:\Users\Public\Videos\Lc1.Hta'
- '%WINDIR%\syswow64\mshta.exe' "C:\Users\Public\Videos\Lc1.Hta"
- C:\users\public\videos\lc1.hta
- '1f####.#1brmyeb1jxc59.top':80
- DNS ASK 1f####.#1brmyeb1jxc59.top
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p HBKS2="%GIIWZ:yk1i=%%J42A:MHILD=/%" 0<nul 1>C:\Users\Public\Videos\Lc1%MMLW%ta"