Technical Information
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles(x86)%\t2r4disp.exe' = '%ProgramFiles(x86)%\t2r4disp....
- User Account Control (UAC)
- %APPDATA%\0x25.exe
- %WINDIR%\syswow64\mswinsck.ocx
- %ProgramFiles(x86)%\t2r4disp.exe
- '91.##1.117.140':60123
- '%APPDATA%\0x25.exe'
- '%ProgramFiles(x86)%\t2r4disp.exe'
- '%ProgramFiles(x86)%\t2r4disp.exe' ' (with hidden window)