Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\3107e2cc85325510acbf81112a41804e.exe
- %APPDATA%\microsoft\windows\start menu\programs\startup\3107e2cc85325510acbf81112a41804e.lnk
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\Folder\Tor.exe" "Tor.exe" ENABLE
- %APPDATA%\folder\tor.exe
- %TEMP%\melt.txt
- 'ta###.publicvm.com':5
- DNS ASK ta###.publicvm.com
- ClassName: 'VMDragDetectWndClass' WindowName: ''
- '%APPDATA%\folder\tor.exe'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\Folder\Tor.exe" "Tor.exe" ENABLE (with hidden window)