Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ViaReg' = '"<Full path to file>"'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe' /logtoconsole=false /logfile= /u "<Full path to file>"
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- %APPDATA%\Monitor\Screenshots\06-05-2017\7.17 AM
- %APPDATA%\ViaFolder\ViaFile.EXE
- '<L####NET>.0.105':100
- 'mo#####t.publicvm.com':100
- DNS ASK mo#####t.publicvm.com