Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\4ffc12639387ed6b6e6a0cc1907ed66c.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\dll.exe" "dll.exe" ENABLE
- %TEMP%\dll.exe
- 'vu###.ddns.net':8822
- DNS ASK vu###.ddns.net
- '%TEMP%\dll.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\dll.exe" "dll.exe" ENABLE' (with hidden window)