Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\a19aa0334c684d5a24f94a29bd7c84f3.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%PROGRAMDATA%\Anti.exe" "Anti.exe" ENABLE
- %PROGRAMDATA%\anti.exe
- <Full path to file>
- %PROGRAMDATA%\anti.exe
- 'us###e.kro.kr':1668
- DNS ASK us###e.kro.kr
- '%PROGRAMDATA%\anti.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%PROGRAMDATA%\Anti.exe" "Anti.exe" ENABLE' (with hidden window)