Техническая информация
- %TEMP%\ch_l2.exe
- %TEMP%\ch_l2.exe (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\ltune.dll /s
- <SYSTEM32>\ltune.dll
- %TEMP%\ch_l2.exe
- 'do##.#olfarm.co.kr':80
- 'do##.msmsns.com':80
- 'v1.###farm.co.kr':80
- do##.#olfarm.co.krhttp://down.lolfarm.co.kr/down_v1/ltune.dll
- v1.###farm.co.krhttp://v1.lolfarm.co.kr/app_install.php?ma##############
- v1.###farm.co.krhttp://v1.lolfarm.co.kr/down/files.txt
- do##.msmsns.comhttp://down.msmsns.com/ch_l2.exe
- DNS ASK do##.#olfarm.co.kr
- DNS ASK do##.msmsns.com
- DNS ASK v1.###farm.co.kr