Technical Information
- [<HKLM>\System\CurrentControlSet\Services\328a5d92aa4] 'ImagePath' = '%TEMP%\328a5d92aa4.bin'
- '328a5d92aa4' %TEMP%\328a5d92aa4.bin
- %TEMP%\328a5d92aa4.bin
- <SYSTEM32>\gsdrv.bin
- '15#.#38.73.250':9002
- '11#.#92.19.233':9007
- '15##########50.oss-cn-beijing.aliyuncs.com':443
- 'microsoft.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- '11#.#92.19.233':9007
- '15##########50.oss-cn-beijing.aliyuncs.com':443
- DNS ASK 15##########50.oss-cn-beijing.aliyuncs.com
- DNS ASK microsoft.com