Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\f380a39e30e5120adeaa4b5fe8405fc5.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\dktry.exe" "dktry.exe" ENABLE
- %TEMP%\dktry.exe
- 'ny##.ddns.net':726
- DNS ASK ny##.ddns.net
- '%TEMP%\dktry.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\dktry.exe" "dktry.exe" ENABLE' (with hidden window)