Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'fa280178bd55348ab39c6738d80c9542' = '"%APPDATA%\servsss.exe" ..'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'fa280178bd55348ab39c6738d80c9542' = '"%APPDATA%\servsss.exe" ..'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\servsss.exe" "servsss.exe" ENABLE
- %APPDATA%\teamviewer_setup.exe
- %TEMP%\nsuf640.tmp\advanced_unicode.ini
- %TEMP%\nsuf640.tmp\start_unicode.ini
- %TEMP%\nsuf640.tmp\system.dll
- %TEMP%\nsuf640.tmp\lizenz_teamviewer_en_unicode.txt
- %TEMP%\nsuf640.tmp\modern-wizard.bmp
- %TEMP%\nsuf640.tmp\installoptions.dll
- %TEMP%\nsuf640.tmp\linker.dll
- %TEMP%\nsuf640.tmp\iospecial.ini
- %TEMP%\nsuf640.tmp\tvgetversion.dll
- %TEMP%\nsjf5b2.tmp
- %TEMP%\teamviewer\tvinfo.ini
- %TEMP%\teamviewer\teamviewer_.exe
- %TEMP%\nsye69f.tmp\tvgetversion.dll
- %APPDATA%\google.exe
- %TEMP%\nsuf640.tmp\userinfo.dll
- %APPDATA%\servsss.exe
- 'go######rcpics16.ddns.net':2222
- DNS ASK go######rcpics16.ddns.net
- '%APPDATA%\teamviewer_setup.exe'
- '%APPDATA%\google.exe'
- '%TEMP%\teamviewer\teamviewer_.exe'
- '%APPDATA%\servsss.exe'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%APPDATA%\servsss.exe" "servsss.exe" ENABLE' (with hidden window)