Technical Information
- <SYSTEM32>\tasks\home lan application
- <SYSTEM32>\svchost.exe
- %PROGRAMDATA%\스우모그그른리리길있가.exe
- %APPDATA%\homelan\스우모그그른리리길있가.exe
- %APPDATA%\homelan\settings.ini
- %WINDIR%\temp\cabc277.tmp
- %WINDIR%\temp\tarc278.tmp
- %WINDIR%\temp\cabc298.tmp
- %WINDIR%\temp\tarc299.tmp
- %WINDIR%\temp\cabd884.tmp
- %WINDIR%\temp\tard885.tmp
- %WINDIR%\temp\cabc277.tmp
- %WINDIR%\temp\tarc278.tmp
- %WINDIR%\temp\cabc298.tmp
- %WINDIR%\temp\tarc299.tmp
- %WINDIR%\temp\cabd884.tmp
- %WINDIR%\temp\tard885.tmp
- http://ip##fo.io/ip
- DNS ASK ip##fo.io
- '%PROGRAMDATA%\스우모그그른리리길있가.exe'
- '%APPDATA%\homelan\스우모그그른리리길있가.exe'
- '%PROGRAMDATA%\스우모그그른리리길있가.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe' ' (with hidden window)
- '%APPDATA%\homelan\스우모그그른리리길있가.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe'