Техническая информация
- "%TEMP%\HideInstaller_up41.exe" (загружен из сети Интернет)
- %TEMP%\HideInstaller_up41.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\HideInstaller[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\GetHideWinRunVersion[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\GetHideWinRunVersion[1].html
- 'fi##.##archspy.co.kr':80
- 'ax.###price.co.kr':80
- fi##.##archspy.co.kr/archive/HideInstaller.exe
- ax.###price.co.kr/data/GetHideWinRunVersion.html
- DNS ASK fi##.##archspy.co.kr
- DNS ASK ax.###price.co.kr