Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'addendum' = '%PROGRAM_FILES%\addendum\sidebar\gamjoa\addendume.exe'
- %WINDIR%\Temp\addendum4231_conifg.ini
- <Текущая директория>\addendum4231_conifg.ini
- %WINDIR%\Temp\addendum4231_conifg.ini
- <Текущая директория>\addendum4231_conifg.ini
- 'up####.ijet.co.kr':80
- 'www.ij##.co.kr':80
- up####.ijet.co.kr/cont/sizeid.php?pi##
- up####.ijet.co.kr/cont/dllid.php?pi##
- www.ij##.co.kr/link/config2.php?pi##
- up####.ijet.co.kr/cont/guid.php?pi##
- www.ij##.co.kr/link/config.php
- up####.ijet.co.kr/cont/proid.php?pi##
- up####.ijet.co.kr/cont/regid.php?pi##
- DNS ASK up####.ijet.co.kr
- DNS ASK www.ij##.co.kr
- '<IP-адрес в локальной сети>':1036
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''