Figure 1. Overview in the delivery method used by Cerber download After correctly attaining access through the vulnerability, the menace actor executes an encoded PowerShell command to download and execute a remote payload. This technique works similar to the Google Translate; it lets users obtain a website URL preserving as https://maps.google.mn/url?q=https://pakmediablog.net
