Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ViaReg' = '"<Full path to file>"'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe' /logtoconsole=false /logfile= /u "<Full path to file>"
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %APPDATA%\23EF5514-3059-436F-A4A7-4CEFAAB20EB1\run.dat
- %APPDATA%\ViaFolder\ViaFile.EXE
- %APPDATA%\ViaFolder\ViaFile.EXE
- %APPDATA%\ViaFolder\ViaFile.EXE
- 'gb#####ns.punkdns.pw':2050
- '14#.#4.174.177':2050
- DNS ASK gb#####ns.punkdns.pw