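Техническая информация
Примечание: заголовки разделов исходного отчёта в этом фрагменте не сохранились. Первая запись — значение в ключе автозапуска Run ветки HKCU; повторяющиеся далее пути (например, <DRIVERS>\RthDVCpl.exe и C:\data.exe), по-видимому, относятся к разным категориям действий с файлами — какая группа чему соответствует, по этому фрагменту установить нельзя. Символы # в именах хостов — маскировка, применённая в источнике, поэтому эти строки не являются полными сетевыми индикаторами.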
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RthDVCpl' = '<DRIVERS>\RthDVCpl.exe'
- <DRIVERS>\RthDVCpl.exe
- %WINDIR%\autobaduki.exe
- C:\data.exe
- <DRIVERS>\RthDVCpl.exe
- %TEMP%\MYM.SYS
- %TEMP%\MYK.SYS
- %TEMP%\MYIK.SYS
- %TEMP%\verinfo.txt
- %TEMP%\MYIM.SYS
- %WINDIR%\autobaduki.exe
- C:\data.exe
- %WINDIR%\Dynamic.dll
- <DRIVERS>\COM_Events.dll
- <DRIVERS>\RthDVCpl.exe
- C:\data.exe
- 'ki###j.co.kr':80
- 'ya######shan4.dyndns.org':80
- ki###j.co.kr/123456789101112/verinfo.txt
- ya######shan4.dyndns.org/version_check.php
- DNS ASK ki###j.co.kr
- DNS ASK ya######shan4.dyndns.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''