Technical Information
- [<HKLM>\System\CurrentControlSet\Services\SstpSvc] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\RasMan] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\PolicyAgent] 'Start' = '00000002'
- DNS server to '<DNS_SERVER>'
- %WINDIR%\temp\fwtsqmfile01.sqm
- '17#.#52.246.8':80
- '12#.#97.1.189':80
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns' (with hidden window)
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns