Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FireWall EX Ver' = 'C:\FireWall - EX.exe'
- %PROGRAM_FILES%\Setting_1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\%eb%85%b8%ec%98%a4%eb%b3%b4or%eb%85%b8%ec%98%81%ec%a0%95[1].exe
- %PROGRAM_FILES%\Setting_2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\SuddenAttack[1].exe
- <SYSTEM32>\okir.system
- <SYSTEM32>\dllcache\okir.exe
- C:\FireWall - EX.exe
- <SYSTEM32>\dllcache\okir.exe
- <SYSTEM32>\okir.system
- '12#.#32.92.214':80
- 'localhost':1035
- 12#.#32.92.214/%eb%85%b8%ec%98%a4%eb%b3%b4or%eb%85%b8%ec%98%81%ec%a0%95.exe
- 12#.#32.92.214/SuddenAttack.exe
- ClassName: '' WindowName: '??? ??'
- ClassName: '' WindowName: '??'
- ClassName: '' WindowName: 'Alyac'