Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WAU' = '"<SYSTEM32>\wauctls.exe" -update'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\39.127.0[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\210.175.87[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\210.89.180[1]
- <SYSTEM32>\wauctls.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\112.175.124[1]
- 'localhost':1046
- '11#.#75.124.181':80
- 'ne####game.co.kr':80
- '21#.#75.87.146':80
- '39.#27.0.33':80
- '21#.#9.180.115':80
- 'www.ne####game.co.kr':80
- 'www.ga###anages.com':80
- 'ne###egame.com':80
- 'www.ne###egame.com':80
- 'sk#.##memanages.com':80
- 'lg#.##memanages.com':80
- 'kt#.##memanages.com':80
- 21#.#9.180.115/check.txt
- 21#.#9.180.115/
- 11#.#75.124.181/check.txt
- 11#.#75.124.181/
- 21#.#75.87.146/check.txt
- 21#.#75.87.146/
- 39.#27.0.33/check.txt
- 39.#27.0.33/
- www.ga###anages.com/check.txt
- kt#.##memanages.com/check.txt
- www.ne###egame.com/check.txt
- ne###egame.com/check.txt
- www.ne####game.co.kr/check.txt
- ne####game.co.kr/check.txt
- lg#.##memanages.com/check.txt
- sk#.##memanages.com/check.txt
- DNS ASK lg#.##memanages.com
- DNS ASK kt#.##memanages.com
- DNS ASK sk#.##memanages.com
- DNS ASK ne####game.co.kr
- DNS ASK www.ne####game.co.kr
- DNS ASK ne###egame.com
- DNS ASK www.ne###egame.com
- DNS ASK lg.###onegame.com
- DNS ASK www.ga###anages.com
- DNS ASK sk.###onegame.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'