Technical Information
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\explorer.exe" "explorer.exe" ENABLE
- %TEMP%\sfx.ini
- C:\extracted\server.exe
- C:\extracted\11988242_115481625470578_6742700663517998603_n.jpg
- %TEMP%\explorer.exe
- %TEMP%\sfx.ini
- DNS ASK ha#####ka132.ddns.net
- 'C:\extracted\server.exe'
- '%TEMP%\explorer.exe'
- 'C:\extracted\server.exe' ' (with hidden window)
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\explorer.exe" "explorer.exe" ENABLE' (with hidden window)