Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' [StriNG]::JOin( '' ,('18C87Y124!70C67C64!119a22C11G22r88C83r65-27G89{84{92Y83G85G66-22r68Y87r88{82!89G91a13G18a65a70G125{122r66C119C22r11C22{88r83Y65C27z89W84W92C83W85G66G22C101{79G69a66r83!91W...
- %TEMP%\210111.exe
- %TEMP%\210111.exe
- 'it###inic.ru':80
- 'it###inic.ru':443
- '05##dna.com':80
- http://www.it###inic.ru/Bb5o/
- http://05##dna.com/qXjA/
- 'it###inic.ru':443
- DNS ASK it###inic.ru
- DNS ASK ac####tingline.info
- DNS ASK ce#####law.vyudu.tech
- DNS ASK 05##dna.com
- DNS ASK hz##mei.net
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' [StriNG]::JOin( '' ,('18C87Y124!70C67C64!119a22C11G22r88C83r65-27G89{84{92Y83G85G66-22r68Y87r88{82!89G91a13G18a65a70G125{122r66C119C22r11C22{88r83Y65C27z89W84W92C83W85G66G22C101{79G69a66r83!91W...' (with hidden window)