Техническая информация
- <SYSTEM32>\7239.exe
- <SYSTEM32>\7239.exe (загружен из сети Интернет)
- <SYSTEM32>\tskill.exe /pid=7472
- %WINDIR%\explorer.exe HTTP://PO##.CO1.KR
- <SYSTEM32>\tskill.exe /pid=7520
- <SYSTEM32>\tskill.exe /pid=7128
- <SYSTEM32>\tskill.exe V3LSvc
- <SYSTEM32>\tskill.exe AYAgent
- <SYSTEM32>\tskill.exe ALYac
- <SYSTEM32>\tskill.exe V3LTray
- <SYSTEM32>\tskill.exe AYServiceNT
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\posu.co1[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\posu.co1[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\7239[1].exe
- <SYSTEM32>\7239.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\posu.co1[1]
- 'localhost':1039
- 'po##.co1.kr':80
- 'localhost':1036
- 'po####t.woobi.co.kr':80
- po##.co1.kr/
- po####t.woobi.co.kr/7239.exe
- DNS ASK po##.co1.kr
- DNS ASK po####t.woobi.co.kr
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''