Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '18.exe' = '%APPDATA%windows\18.exe'
- %APPDATA%windows\18.exe
- %APPDATA%\23EF5514-3059-436F-A4A7-4CEFAAB20EB1\run.dat
- 'localhost':1037
- 'localhost':9033
- 'pa###bin.com':443
- DNS ASK pa###bin.com
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome