Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to virus>' = '<Full path to virus>:*:Enabled:Meltdown'
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\Meltdown\upnp.bat""
- <SYSTEM32>\netsh.exe firewall set icmpsetting 8 enable
- <SYSTEM32>\netsh.exe firewall set allowedprogram program = "<Full path to virus>" name = Meltdown
- %APPDATA%\Meltdown\Mel4.tmp
- %APPDATA%\Meltdown\upn3.tmp
- %APPDATA%\Meltdown\upn1.tmp
- %APPDATA%\Meltdown\Mel2.tmp
- %APPDATA%\Meltdown\upnp.bat
- %APPDATA%\Meltdown\Meltdown.cfg
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Meltdown '