Technical Information
- http://pa#####.countertack.com/docs/sentinel-5.8.2.1-operations-guide.pdf as c:\temp\helloworld.pdf
- C:\temp\call_hidden_powershell\call_hidden_powershell.bat
- C:\temp\call_hidden_powershell\fake_run.txt
- C:\temp\helloworld.pdf
- C:\temp\call_hidden_powershell\call_hidden_powershell.bat
- http://pa#####.countertack.com/docs/Sentinel-5.8.2.1-Operations-Guide.pdf
- DNS ASK pa#####.countertack.com
- '%WINDIR%\syswow64\cmd.exe' /c C:\temp\call_hidden_powershell\call_hidden_powershell.bat
- '%WINDIR%\syswow64\notepad.exe' C:\temp\call_hidden_powershell\fake_run.txt