Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '0d118ddc84fcb4321d02b65153c0dc1b' = '"%TEMP%\Ccleaner.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '0d118ddc84fcb4321d02b65153c0dc1b' = '"%TEMP%\Ccleaner.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Ccleaner.exe' = '%TEMP%\Ccleaner.exe:*:Enabled:Ccleaner.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\Ccleaner.exe" "Ccleaner.exe" ENABLE
- %TEMP%\Ccleaner.exe
- 'dh###n.ddns.net':523
- DNS ASK dh###n.ddns.net
- '%TEMP%\Ccleaner.exe'