Technical Information
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%HOMEPATH%\server.exe" "server.exe" ENABLE
- %TEMP%\hamachi.msi
- %TEMP%\desktoprrr.exe
- %TEMP%\ks4.021.3.10.391ru_25000.exe
- %TEMP%\server9 (1).sfx.exe
- %TEMP%\server9 (1).exe
- %HOMEPATH%\server.exe
- %TEMP%\msiaa22.tmp
- %TEMP%\msiab2c.tmp
- %TEMP%\hamachisetup.log
- %TEMP%\msiab5c.tmp
- %TEMP%\msiab8c.tmp
- %TEMP%\hamachi.msi
- %TEMP%\desktoprrr.exe
- %TEMP%\server9 (1).exe
- %HOMEPATH%\server.exe
- %TEMP%\msiaa22.tmp
- %TEMP%\msiab2c.tmp
- %TEMP%\msiab5c.tmp
- %TEMP%\msiab8c.tmp
- '82.##2.167.58':6565
- 'microsoft.com':80
- DNS ASK microsoft.com
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\desktoprrr.exe'
- '%TEMP%\server9 (1).sfx.exe'
- '%TEMP%\server9 (1).exe'
- '%HOMEPATH%\server.exe'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%HOMEPATH%\server.exe" "server.exe" ENABLE' (with hidden window)
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\hamachi.msi"