Technical Information
- '19#.#4.37.244':8000
- http://19#.##.37.244:8000/mvgezqtgspfrehxf via 19#.#4.37.244
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -ep bypass -w hidden -noexit' (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -ep bypass -w hidden -noexit