Technical Information
- '' (downloaded from the Internet)
- 'C:\users\public\vbc.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath "C:\Users\Public\vbc.exe"
- C:\users\public\vbc.exe
- '19#.#2.89.152':80
- http://19#.#2.89.152/po/lQ7k4CB3hzs4MY7.exe
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath "C:\Users\Public\vbc.exe"' (with hidden window)
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding