Technical Information
- <SYSTEM32>\windowspowershell\v1.0\powershell.exe
- 'go####-cheats.com':80
- http://go####-cheats.com/loader/uploads/Installer_Ayimuhlf.jpg
- DNS ASK go####-cheats.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -noexit' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwADsAIABSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAiAEMAOgBcAHQAdgBjAGUAbQBcAGgAdABqAHEAagBpAHgAdgAuAGUAeABlACIAIAAtAEYAbwByAGMAZQA=' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -noexit
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwADsAIABSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAiAEMAOgBcAHQAdgBjAGUAbQBcAGgAdABqAHEAagBpAHgAdgAuAGUAeABlACIAIAAtAEYAbwByAGMAZQA=