Техническая информация
- %TEMP%\HideInstaller_up18.exe
- %TEMP%\HideInstaller_up18.exe (загружен из сети Интернет)
- %TEMP%\HideInstaller_up18.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\HideInstaller[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GetHideWinRunVersion[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GetHideWinRunVersion[1].html
- 'fi##.##archspy.co.kr':80
- 'ax.###price.co.kr':80
- fi##.##archspy.co.kr/archive/HideInstaller.exe
- ax.###price.co.kr/data/GetHideWinRunVersion.html
- DNS ASK fi##.##archspy.co.kr
- DNS ASK ax.###price.co.kr