Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FireWall EX Ver' = 'C:\FireWall - EX.exe'
- %PROGRAM_FILES%\Setting_1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfile2.uf@176035424D3E4B1E356602[1].exe
- %PROGRAM_FILES%\Setting_2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\cfile23.uf@1376DE424D3E4B1F176B20[1].exe
- <SYSTEM32>\okir.system
- C:\FireWall - EX.exe
- <SYSTEM32>\dllcache\okir.exe
- <SYSTEM32>\dllcache\okir.exe
- <SYSTEM32>\okir.system
- 'po#####ceph.tistory.com':80
- 'localhost':1035
- po#####ceph.tistory.com/attachment/cfile27.uf@1662E2484D11C61D20552E.exe
- po#####ceph.tistory.com/attachment/cfile23.uf@1376DE424D3E4B1F176B20.exe
- po#####ceph.tistory.com/attachment/cfile2.uf@176035424D3E4B1E356602.exe
- DNS ASK po#####ceph.tistory.com
- '<IP-адрес в локальной сети>':1036