Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FindLock' = '%APPDATA%\FindLock\fl_dn.exe'
- <SYSTEM32>\regsvr32.exe /s "%APPDATA%\FindLock\findlock.dll"
- <SYSTEM32>\ipconfig.exe /all
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- 'www.fi###ock.co.kr':80
- 'fi##.#indlock.co.kr':80
- www.fi###ock.co.kr/app/ins_d.php?u=#######################################################
- fi##.#indlock.co.kr/dn/file.cfg
- DNS ASK www.fi###ock.co.kr
- DNS ASK fi##.#indlock.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''