Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<File name>' = '%LOCALAPPDATA%\032ce9149660bba7301b5256893bd562\<File name>.exe'
- %LOCALAPPDATA%\032ce9149660bba7301b5256893bd562\<File name>.exe
- %LOCALAPPDATA%\032ce9149660bba7301b5256893bd562\<File name>.exe
- 'pa###bin.com':443
- '20.#2.0.12':44599
- 'microsoft.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'pa###bin.com':443
- '20.#2.0.12':44599
- DNS ASK pa###bin.com
- DNS ASK microsoft.com