Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Client.exe' = '"<Full path to file>" ..'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Client.exe' = '"<Full path to file>" ..'
- %APPDATA%\microsoft\windows\start menu\programs\video7lan\vlc7.exe
- hidden files
- 'fe#####2020.duckdns.org':7782
- DNS ASK fe#####2020.duckdns.org
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath '"<Full path to file>"'