Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\f2c291541f94d8cc70ce08f61d77b85c.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\cmd.exe" "cmd.exe" ENABLE
- %TEMP%\cmd.exe
- <Full path to file>
- %TEMP%\cmd.exe
- 'oo#####s333.hopto.org':2000
- DNS ASK oo#####s333.hopto.org
- '%TEMP%\cmd.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\cmd.exe" "cmd.exe" ENABLE' (with hidden window)