Техническая информация
- '%TEMP%\AutoPatch.exe'
- '%TEMP%\SA.exe'
- '<SYSTEM32>\wbem\unsecapp.exe' -Embedding
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iambackho[1].exe
- %WINDIR%\iambackho.exe
- %TEMP%\SA.exe
- %TEMP%\AutoPatch.exe
- %TEMP%\~DF3A0D.tmp
- 'localhost':1038
- 'un####.dothome.co.kr':80
- un####.dothome.co.kr/iambackho.exe
- un####.dothome.co.kr/server.txt
- DNS ASK un####.dothome.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'