Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SystemRoot' = '<SYSTEM32>\System21032.exe'
- <SYSTEM32>\DGSpyC.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\DGSpyC[1].dll
- <SYSTEM32>\DGSpyX.ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\DGSpyX[1].ocx
- <SYSTEM32>\system21032.exe
- <SYSTEM32>\DGSpyS.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\DGSpyS[1].dll
- '<IP-адрес в локальной сети>':20287
- 'no###.webice.kr':80
- 'localhost':1036
- no###.webice.kr/DGSpyX.ocx
- no###.webice.kr/DGSpyC.dll
- no###.webice.kr/DGSpyS.dll
- DNS ASK no###.webice.kr