Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\dc9f837ce2756a51ae9c0188bda513e1.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\kmkkg.exe" "kmkkg.exe" ENABLE
- %WINDIR%\kmkkg.exe
- 'localhost':1177
- '%WINDIR%\kmkkg.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\kmkkg.exe" "kmkkg.exe" ENABLE' (with hidden window)