Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '3a25c74a7e02a5eb6406ebfa66cca601' = '"%APPDATA%\dprt.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '3a25c74a7e02a5eb6406ebfa66cca601' = '"%APPDATA%\dprt.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\3a25c74a7e02a5eb6406ebfa66cca601.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\dprt.exe' = '%APPDATA%\dprt.exe:*:Enabled:dprt.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\dprt.exe" "dprt.exe" ENABLE
- %APPDATA%\dprt.exe
- 'si#####o.onthewifi.com':2505
- DNS ASK si#####o.onthewifi.com
- '%APPDATA%\dprt.exe'