Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to file>' = '<Full path to file>:*:Enabled:<File name>.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "<Full path to file>" "<File name>.exe" ENABLE
- 'ch####andomain.club':80
- 'ch####p.dyndns.org':80
- 'wp#d':80
- http://ch####andomain.club/ip/ip.php?w=#####
- http://ch####p.dyndns.org/
- http://11#.#11.111.2/wpad.dat via wp#d
- DNS ASK ch####p.dyndns.org
- DNS ASK ch####andomain.club
- DNS ASK ah###up.club
- DNS ASK wp#d