Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\bba28db2c30350a8969dd38a33ae5b2d.exe
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\soos.exe" "soos.exe" ENABLE
- %APPDATA%\soos.exe
- 'al##.zapto.org':1996
- 'g.###4top.io':443
- DNS ASK g.###4top.io
- DNS ASK al##.zapto.org
- '%APPDATA%\soos.exe'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\soos.exe" "soos.exe" ENABLE (with hidden window)