Technical Information
- %LOCALAPPDATA%low\temp\cabada.tmp
- %LOCALAPPDATA%low\temp\taradb.tmp
- %LOCALAPPDATA%low\temp\cabc92.tmp
- %LOCALAPPDATA%low\temp\tarc93.tmp
- %LOCALAPPDATA%low\temp\cabada.tmp
- %LOCALAPPDATA%low\temp\taradb.tmp
- %LOCALAPPDATA%low\temp\cabc92.tmp
- %LOCALAPPDATA%low\temp\tarc93.tmp
- 'ha###bin.com':443
- 'pk#.goog':80
- http://pk#.goog/gsr1/gsr1.crt
- 'ha###bin.com':443
- DNS ASK ha###bin.com
- DNS ASK pk#.goog
- '%WINDIR%\syswow64\cmd.exe' /c timeout 4.453 (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 4.453
- '%WINDIR%\syswow64\timeout.exe' 4.453