Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'v3configure' = 'rundll32.exe %TEMP%\98768515.txt,A'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'v3configure' = 'rundll32.exe %TEMP%\98768515.txt,A'
- '<SYSTEM32>\rundll32.exe' %TEMP%\98768515.txt,A
- %TEMP%\winurl.dat
- %TEMP%\del24f10.bat
- %TEMP%\del2623a.bat
- %TEMP%\version361.dat
- %TEMP%\98768515.txt
- %TEMP%\version.dat
- %WINDIR%\Temp\version.dat
- 'www.do###ge.co.kr':80
- www.do###ge.co.kr/bbs/board.php
- DNS ASK www.do###ge.co.kr
- ClassName: 'Indicator' WindowName: '(null)'