Technical Information
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] '030E1CEF' = '%APPDATA%\030E1CEF\bin.exe'
- %WINDIR%\explorer.exe
- firefox.exe
- %LOCALAPPDATA%low\030e1cef\log.dat
- %APPDATA%\030e1cef\bin.exe
- 'jw#####328hdy3tep.cc':80
- http://jw#####328hdy3tep.cc/n0tru2t76hw2edqj/
- DNS ASK jw#####328hdy3tep.cc
- '%WINDIR%\syswow64\explorer.exe'