Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ksogdj' = '"<Полный путь к вирусу>"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ksogdj' = '"<Полный путь к вирусу>"'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\log[1].php
- 'www.da####ocolate.co.kr':80
- 'www.ba###vidahi.com':80
- 'www.na##r.com':80
- www.da####ocolate.co.kr/log.php?ki########
- www.da####ocolate.co.kr/i01.php?pd#
- www.da####ocolate.co.kr/i04.php?pd#
- www.na##r.com/
- www.ba###vidahi.com/i04.php?pd#
- DNS ASK www.da####ocolate.co.kr
- DNS ASK www.ba###vidahi.com
- DNS ASK www.na##r.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''