Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Ottimizzazione' = '"<Current directory>\Test ottimizzazione.exe"'
- Windows Defender
- 'so###.#ltervista.org':80
- http://so###.#ltervista.org/api_server.php
- DNS ASK so###.#ltervista.org
- DNS ASK google.com
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-NetFirewallProfile -Enabled False (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Get-MpPreference -verbose
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Set-NetFirewallProfile -Enabled False