Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\.Net CLR] 'Start' = '00000002'
- C:\main.exe
- C:\brute_force_1.0.exe
- <SYSTEM32>\svchost.exe -k ".Net CLR"
- %WINDIR%\explorer.exe http://ep##.co1.kr
- ClassName: 'OLLYDBG' WindowName: ''
- <SYSTEM32>\1af94.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\epo1.co1[1]
- C:\brute_force_1.0.exe
- C:\main.exe
- %TEMP%\~DFE508.tmp
- C:\main.exe
- 'ep##.co1.kr':80
- 'localhost':1038
- 'ci####n.myvnc.com':80
- ep##.co1.kr/
- DNS ASK ep##.co1.kr
- DNS ASK ci####n.myvnc.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''