Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'sys249' = '<Полный путь к вирусу>'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ipchicken[1]
- 'ip###cken.com':80
- 'dl.#####oxusercontent.com':80
- 'localhost':1037
- 'dl.#####oxusercontent.com':443
- dl.#####oxusercontent.com/s/0zyu3s1637i9c3v/%ED%81%B4%EB%A6%AD2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8.txt
- dl.#####oxusercontent.com/s/hcoq9ocsf8jhj0r/shcnfc4.txt
- dl.#####oxusercontent.com/s/7ae73sj31jdw8is/%ED%81%B4%EB%A6%AD2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%282%29.txt
- dl.#####oxusercontent.com/s/oojww1yjgqrwzsn/%ED%81%B4%EB%A6%AD2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%284%29.txt
- dl.#####oxusercontent.com/s/uo4vr2c1siv78r9/%ED%81%B4%EB%A6%AD2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%283%29.txt
- dl.#####oxusercontent.com/s/t5qb9jmshhlio65/shcnfc3.txt
- dl.#####oxusercontent.com/s/lvd7qo00563tgk7/%EB%85%B8%EC%B6%9C1%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%285%29.txt
- ip###cken.com/
- dl.#####oxusercontent.com/s/0s01tdebuc2dwy3/%EB%85%B8%EC%B6%9C1%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%286%29.txt
- dl.#####oxusercontent.com/s/o67ti8cdnuz80zj/%EB%85%B8%EC%B6%9C2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%284%29.txt
- dl.#####oxusercontent.com/s/ui02ccuxsk9digx/%EB%85%B8%EC%B6%9C2%20-%20%EB%B3%B5%EC%82%AC%EB%B3%B8%20%283%29.txt
- DNS ASK ip###cken.com
- DNS ASK dl.#####oxusercontent.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'