Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%LOCALAPPDATA%\WinDiagnosticsParametersup\WinDiagnosticsParameters.exe�'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinDiagnosticsParameters' = '%LOCALAPPDATA%\WinDiagnosticsParametersup\WinDiagnosticsParameters.exe�'
- %LOCALAPPDATA%\windiagnosticsparametersup\windiagnosticsparameters.exe
- from <Full path to file> to %LOCALAPPDATA%\windiagnosticsparametersup\windiagnosticsparameters.exe
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK dr###.##.#u-west-2.amazonaws.com
- DNS ASK microsoft.com