Техническая информация
- '%WINDIR%\XecureSetup.exe'
- '%WINDIR%\XecureSetup.exe' (загружен из сети Интернет)
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\pcblist[1].dat
- %WINDIR%\XecureSetup.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\XecureSetup[1].exe
- 'yo##pay.com':80
- 'up#.##pgame.co.kr':80
- 'localhost':63245
- yo##pay.com/log/?mo##################################################
- yo##pay.com/pcblist.dat
- up#.##pgame.co.kr/etcApp/smartbar/XecureSetup.exe
- DNS ASK yo##pay.com
- DNS ASK up#.##pgame.co.kr
- ClassName: 'MS_WebCheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'