Technical Information
- [<HKLM>\System\CurrentControlSet\Services\aspnet_counters] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\aspnet_counters] 'ImagePath' = '"%WINDIR%\SysWOW64\aspnet_counters\aspnet_counters.exe"'
- from <Full path to file> to %WINDIR%\syswow64\aspnet_counters\aspnet_counters.exe
- '18#.#76.228.2':80
- '17#.#30.81.0':22
- '10#.#36.28.47':8080
- http://10#.##6.28.47:8080/t1IMLFTgYyk/nwHLaAkRqSRxz5FDq2/ via 10#.#36.28.47