Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'e0169bc5b24f1d955ce37e3156559b2f' = '"%APPDATA%\sytesnet.exe" ..'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'e0169bc5b24f1d955ce37e3156559b2f' = '"%APPDATA%\sytesnet.exe" ..'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\sytesnet.exe" "sytesnet.exe" ENABLE
- %APPDATA%\sytesnet.exe
- 'vo#####500.sytes.net':999
- DNS ASK vo#####500.sytes.net
- '%APPDATA%\sytesnet.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\sytesnet.exe" "sytesnet.exe" ENABLE' (with hidden window)