Technical Information
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath "<Current directory>"
- %HOMEPATH%\desktop\jx2vn.net.lnk
- 'up.##2vn.net':80
- http://up.##2vn.net/jx2vn/index.php
- http://up.##2vn.net/jx2vn/checkupdate.php
- DNS ASK up.##2vn.net
- '<SYSTEM32>\cmd.exe' /C powershell -Command Add-MpPreference -ExclusionPath "<Current directory>"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C powershell -Command Add-MpPreference -ExclusionPath "<Current directory>"