Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'App.exe' = 'C:\'
- [<HKCU>\software\Microsoft\Windows\CurrentVersion\Run] '4c6c07fc378f43dee829d46a53998ac9' = '"<Full path to file>" ..'
- [<HKLM>\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] '4c6c07fc378f43dee829d46a53998ac9' = '"<Full path to file>" ..'
- %APPDATA%\microsoft\windows\start menu\programs\startup\4c6c07fc378f43dee829d46a53998ac9.exe
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "<Full path to file>" "<File name>.exe" ENABLE
- '16#.#72.231.5':333
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "<Full path to file>" "<File name>.exe" ENABLE' (with hidden window)