Техническая информация
- '%ProgramFiles%\ingrid\ingrid.exe' (загружен из сети Интернет)
- '%ProgramFiles%\ingrid\ingrid.exe'
- %ProgramFiles%\ingrid\ingrid_delete.exe
- %ProgramFiles%\ingrid\ingrid.exe
- 'lo###.1140.co.kr':80
- 'go###e.co.kr':80
- http://lo###.1140.co.kr/program/ingrid.exe
- http://lo###.1140.co.kr/program/ingrid_delete.exe
- http://go###e.co.kr/
- http://lo###.1140.co.kr/program/version.php
- DNS ASK lo###.1140.co.kr
- DNS ASK go###e.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''