Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mcnt_smsgwang' = '%PROGRAM_FILES%\mcnt_smsgwang\mcnt_smsgwang.exe'
- %PROGRAM_FILES%\mcnt_smsgwang\mcnt_smsgwang.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mcnt_smsgwang[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mcnt_smsgwang[1].exe
- 'mo####cnt.funtvi.kr':80
- 'sm####on.funtvi.kr':80
- 'localhost':1036
- mo####cnt.funtvi.kr/count/counter_insert.php?pi#######################################
- sm####on.funtvi.kr/modulecnt/mcnt_smsgwang.exe
- DNS ASK mo####cnt.funtvi.kr
- DNS ASK sm####on.funtvi.kr
- ClassName: 'Indicator' WindowName: ''