Lazarus 그룹의 NukeSped 악성코드 분석 보고서
Common Information
| Type | Value |
|---|---|
| UUID | cef1528e-4ed0-4b1c-84ec-a2f8165707ca |
| Fingerprint | e2f206a64c030a84b8a55009e3b4359506db5967e5e07da0a4ae09f7f0d984a7 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 10, 2021, 1:42 p.m. |
| Added to db | April 14, 2024, 3:44 a.m. |
| Last updated | Aug. 31, 2024, 6:49 a.m. |
| Headline | Lazarus 그룹의 NukeSped 악성코드 분석 보고서 |
| Title | Lazarus 그룹의 NukeSped 악성코드 분석 보고서 |
| Detected Hints/Tags/Attributes | 47/3/320 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 13 | www.boho.or.kr |
|
| Details | Domain | 4 | reportview.do |
|
| Details | Domain | 44 | atip.ahnlab.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 1 | 9jw2f.mx |
|
| Details | Domain | 1 | msve-ageb-89s4-9jw2f.mx |
|
| Details | Domain | 2 | hivekorea.com |
|
| Details | Domain | 4 | www.jinjinpig.co.kr |
|
| Details | Domain | 5 | mail.namusoft.kr |
|
| Details | Domain | 2 | www.conkorea.com |
|
| Details | Domain | 1 | www.isalim.co.kr |
|
| Details | Domain | 5 | snum.or.kr |
|
| Details | Domain | 4 | www.ddjm.co.kr |
|
| Details | Domain | 2 | mail.sisnet.co.kr |
|
| Details | Domain | 1 | mail.neocyon.com |
|
| Details | Domain | 1 | file.naverapi.com |
|
| Details | Domain | 1 | files.codencorp.com |
|
| Details | Domain | 1 | playpingpong12.com |
|
| Details | Domain | 1 | sorriso.kr |
|
| Details | Domain | 54 | www.ahnlab.com |
|
| Details | File | 263 | iexplore.exe |
|
| Details | File | 1 | stsess_update.php |
|
| Details | File | 1 | asdclient.php |
|
| Details | File | 1 | semenser.php |
|
| Details | File | 1 | call.exe |
|
| Details | File | 1 | ais.exe |
|
| Details | File | 1 | lsdev.exe |
|
| Details | File | 1 | msdev.exe |
|
| Details | File | 83 | sbiedll.dll |
|
| Details | File | 21 | api_log.dll |
|
| Details | File | 19 | dir_watch.dll |
|
| Details | File | 13 | member.php |
|
| Details | File | 1205 | index.php |
|
| Details | File | 1 | %temp%\edg88de.bat |
|
| Details | File | 2125 | cmd.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 1 | c:\windows\system32\synctask.exe |
|
| Details | File | 1 | c:\programdata\acwinrt.exe |
|
| Details | File | 1 | c:\windows\apppatch\apppatch64\acwinrt.exe |
|
| Details | File | 1 | c:\programdata\ahnlab\ais\asdcli.exe |
|
| Details | File | 1 | c:\windows\performance\winsat\winsat.exe |
|
| Details | File | 3 | default.exe |
|
| Details | File | 1 | collections.log |
|
| Details | File | 7 | akdoor.c4 |
|
| Details | File | 27 | agent.c4 |
|
| Details | File | 1 | andarloader.c4 |
|
| Details | File | 4 | nukesped.c4 |
|
| Details | File | 1 | andardoor.c4 |
|
| Details | File | 1 | andaeldoor.c4 |
|
| Details | File | 31 | generic.c4 |
|
| Details | File | 3 | malpacked.c4 |
|
| Details | File | 4 | loader.c4 |
|
| Details | File | 1 | launcher.c4 |
|
| Details | File | 4 | pwstealer.c4 |
|
| Details | File | 3 | stealer.c4 |
|
| Details | File | 8 | win.key |
|
| Details | File | 3 | logger.c4 |
|
| Details | File | 1 | scanner.c4 |
|
| Details | File | 1 | %username%\iexplore.exe |
|
| Details | File | 1 | %username%\libraries\algstore.exe |
|
| Details | File | 1 | %username%\libraries\appstore.exe |
|
| Details | File | 1 | %username%\libraries\comstore.exe |
|
| Details | File | 1 | %username%\libraries\netsvc.exe |
|
| Details | File | 1 | %username%\libraries\winsrv.exe |
|
| Details | File | 1 | %allusersprofile%\acwinrt.exe |
|
| Details | File | 1 | %allusersprofile%\ahnlab\ais\adscli.exe |
|
| Details | File | 1 | %allusersprofile%\ahnlab\ais\asdcli.exe |
|
| Details | File | 1 | %allusersprofile%\ahnlab\v3lauth\v3update.exe |
|
| Details | File | 1 | %allusersprofile%\spool.exe |
|
| Details | File | 1 | %allusersprofile%\svchost.exe |
|
| Details | File | 1 | %allusersprofile%\symantec\snac.exe |
|
| Details | File | 1 | %allusersprofile%\synctask.exe |
|
| Details | File | 1 | %allusersprofile%\v3patch.exe |
|
| Details | File | 1 | %programfiles%\estsoft\alzip\alutil.exe |
|
| Details | File | 1 | %systemdrive%\temp\winstx.exe |
|
| Details | File | 1 | %username%\certsvc.exe |
|
| Details | File | 1 | %username%\documents\iexplore.exe |
|
| Details | File | 1 | %username%\documents\iexplorer.exe |
|
| Details | File | 1 | %username%\documents\rsupport\rcc50\rsuimgr.exe |
|
| Details | File | 1 | %username%\documents\rsupport\remotecall\received files\setup.exe |
|
| Details | File | 1 | %username%\documents\rsupport\remotecall\received files\svchost.exe |
|
| Details | File | 1 | %username%\downloads\chromeupdate.exe |
|
| Details | File | 1 | %username%\libraries\commgr.exe |
|
| Details | File | 1 | %username%\libraries\netmon.exe |
|
| Details | File | 1 | %username%\music\lsdev.exe |
|
| Details | File | 1 | %username%\notework.exe |
|
| Details | File | 1 | %username%\pictures\lsdev.exe |
|
| Details | File | 1 | %username%\svchost.exe |
|
| Details | File | 1 | %username%\taskpm.exe |
|
| Details | File | 1 | %systemroot%\apppatch\apppatch64\acwinrt.exe |
|
| Details | File | 1 | %systemroot%\performance\winsat\winsat.exe |
|
| Details | File | 1 | %systemroot%\system32\synctask.exe |
|
| Details | File | 1 | %systemroot%\syswow64\xspwizard.exe |
|
| Details | File | 1 | %systemroot%\xswizard.exe |
|
| Details | File | 1 | c:\users\public\chrome.exe |
|
| Details | File | 1 | %systemdrive%\temp\mshelp.exe |
|
| Details | File | 1 | %allusersprofile%\a.exe |
|
| Details | File | 1 | %systemdrive%\temp\chrome2.exe |
|
| Details | File | 1 | %allusersprofile%\s.exe |
|
| Details | File | 1 | %allusersprofile%\s2.exe |
|
| Details | File | 1 | %allusersprofile%\so.exe |
|
| Details | File | 1 | %systemdrive%\temp\chromeall.exe |
|
| Details | File | 1 | %username%\music\call.exe |
|
| Details | File | 1 | %allusersprofile%\syncproxy.exe |
|
| Details | File | 1 | %systemroot%\syswow64\syncproxy.exe |
|
| Details | File | 1 | %allusersprofile%\t.exe |
|
| Details | File | 1 | %username%\t.exe |
|
| Details | File | 1 | %allusersprofile%\p.exe |
|
| Details | File | 64 | list.php |
|
| Details | File | 13 | board.php |
|
| Details | File | 4 | board.jsp |
|
| Details | File | 4 | skin.php |
|
| Details | File | 1 | sms_recv.jsp |
|
| Details | md5 | 2 | f3fcb306cb93489f999e00a7ef63536b |
|
| Details | md5 | 1 | 4c852d06c4976657ec63e7f618765585 |
|
| Details | md5 | 1 | de82e6e3972989f79256056815df4e27 |
|
| Details | md5 | 2 | 4df757390adf71abdd084d3e9718c153 |
|
| Details | md5 | 1 | 56283a2c2fd2b72991929e020f37cb05 |
|
| Details | md5 | 1 | 2c93bcf8285c7a956e7f73afe7b56f30 |
|
| Details | md5 | 1 | 3ef3ab96409c6d06eaca0976ef96b88a |
|
| Details | md5 | 3 | d5e974a3386fc99d2932756ca165a451 |
|
| Details | md5 | 1 | 4d7f44e3ea3215a8b5104b474b0be89e |
|
| Details | md5 | 1 | 6f58ad5d76b271a0dcdf13f21b9dec87 |
|
| Details | md5 | 1 | a2284607feebd04a2cb31cb54420df3f |
|
| Details | md5 | 1 | db0caea66ba52103c495ec16c20c4413 |
|
| Details | md5 | 4 | 71759cca8c700646b4976b19b9abd6fe |
|
| Details | md5 | 1 | 8192ee65c7cc9c19e8693a6bd29803cd |
|
| Details | md5 | 1 | 4c25c8400f26aee01aef25b438cdf61a |
|
| Details | md5 | 1 | 76b1d184e1b056d39c0602c496535989 |
|
| Details | md5 | 2 | 927f0a1090255bc724953e1f5a09a070 |
|
| Details | md5 | 1 | c1ab671c412af7e080abe7ff8ff3f9e4 |
|
| Details | md5 | 1 | fd84b6d5f77861a10fc888e381a4616d |
|
| Details | md5 | 1 | 2479abd20adc9115efff7fcc79ac06f7 |
|
| Details | md5 | 3 | 118cfa75e386ed45bec297f8865de671 |
|
| Details | md5 | 3 | f4d46629ca15313b94992f3798718df7 |
|
| Details | md5 | 3 | 53648bf8f0121130edb42c626d7c2fc4 |
|
| Details | md5 | 3 | 0812ce08a75e5fc774a114436e88cd06 |
|
| Details | md5 | 3 | 1bb267c96ec2925f6ae3716d831671cf |
|
| Details | md5 | 3 | 0ecfa51cd4bf1a9841a07bdb5bfcd0ab |
|
| Details | md5 | 2 | df1e7a42c92ecb01290d896dca4e5faa |
|
| Details | md5 | 1 | b6985e5204e7227aef08c6ebbfb24b6c |
|
| Details | md5 | 1 | b7cc5c40cbe8ea8c7cd914ca5331ad3a |
|
| Details | md5 | 1 | 00f18f1d62197ebd3c0c3838cd33c2b7 |
|
| Details | md5 | 1 | 0660c645deb1554a9e92906330f6863c |
|
| Details | md5 | 3 | 4d30612a928faf7643b14bd85d8433cc |
|
| Details | md5 | 1 | fb84a392601fc19aeb7f8ce11b3a4907 |
|
| Details | md5 | 1 | 3a72889649faa2e21a68be3be3232c6d |
|
| Details | md5 | 1 | fdc66cdabd46bc3b26aba4e59943726b |
|
| Details | md5 | 1 | a54d444005af121e99221e17e65bffbd |
|
| Details | md5 | 1 | 54ed652086038418047c993d73d655d5 |
|
| Details | md5 | 1 | e402008449eb99a3037dc103a2c9a869 |
|
| Details | md5 | 1 | 4d7782a8013abe14426ad5b6e03e2a38 |
|
| Details | md5 | 1 | 6d0dea9bff819a3a34e6346fc7320409 |
|
| Details | md5 | 1 | e64e2754703c016ebfb6a3b12b91407b |
|
| Details | md5 | 1 | 36362db5ae8916124b538078e4c06000 |
|
| Details | md5 | 1 | de69c3490eaea6a20f5a3c9bf1f87a4b |
|
| Details | md5 | 1 | 3fdc03a1ab079dd019f83b0e58adf43d |
|
| Details | md5 | 2 | 3b1b8702c4d3e2e194c4cc8f09a57d06 |
|
| Details | md5 | 1 | f990445da44d0ac48e81d60269a210fd |
|
| Details | md5 | 1 | 60b5ff9a485f27b2f56168c193de5942 |
|
| Details | md5 | 1 | 947b3b580c630a31410451fd74f9c440 |
|
| Details | md5 | 1 | bc5835b173b1619ad3c4960ffabc1a42 |
|
| Details | md5 | 1 | cd951654378615e956005af1c8120849 |
|
| Details | md5 | 1 | 2c47c6cf9889c9bff1f0fb0229c7d864 |
|
| Details | md5 | 2 | 8b378eabcec13c3c925cc7ca4d191f5f |
|
| Details | md5 | 2 | 5b387a9130e9b9782ca4c225c8e641b3 |
|
| Details | md5 | 2 | 62eae43a36cbc4ed935d8df007f5650b |
|
| Details | md5 | 2 | eef723ff0b5c0b10d391955250f781b3 |
|
| Details | md5 | 2 | d1a99087fa3793fbc4d0adb26e87efce |
|
| Details | md5 | 2 | d63bb2c5cd4cfbe8fabf1640b569db6a |
|
| Details | md5 | 2 | 569246a3325effa11cb8ff362428ab2c |
|
| Details | md5 | 2 | 3b494133f1a673b2b04df4f4f996a25d |
|
| Details | md5 | 2 | fc3c31bbdbeee99aba5f7a735fac7a7e |
|
| Details | md5 | 2 | 159ad2afcab80e83397388e495d215a5 |
|
| Details | md5 | 1 | 96d5ee709494d4417e92f5af3676082c |
|
| Details | md5 | 1 | fb43468cef3338f7fe0fce30e2279854 |
|
| Details | md5 | 1 | 71da09313fde65f9e594098c375be7c2 |
|
| Details | md5 | 1 | 918a86dd73bc2651e26377ae01b9b069 |
|
| Details | md5 | 1 | e28547cb6cdfc11f5213f9ccc1b3e232 |
|
| Details | md5 | 2 | 3bf9b83e00544ac383aaef795e3ded78 |
|
| Details | md5 | 1 | 0b698039ebdaf08f2cab30a01bc3e3e6 |
|
| Details | md5 | 1 | d0deb5d79ffeda20128436e4167dba67 |
|
| Details | md5 | 1 | 56faddb6918a067a71d2ab2b56c7d9bf |
|
| Details | md5 | 1 | 15b1d3d8df2d204e99911dc72482913e |
|
| Details | md5 | 1 | a9611cc4ab734bef371af07d73540478 |
|
| Details | md5 | 1 | cad1373200da75dbb068f3eb49e18ea8 |
|
| Details | md5 | 1 | e9849f65f159c19357bbbe78ebfc6e48 |
|
| Details | md5 | 1 | 91038ff04bf85c19e377aef3381e47f9 |
|
| Details | md5 | 2 | cb9e18e21226a89ce2c26c695a989e0d |
|
| Details | md5 | 1 | 205585799d0d0f62422a3cfce253001b |
|
| Details | md5 | 2 | bf4a822f04193b953689e277a9e1f4f1 |
|
| Details | md5 | 1 | 5be46724c1452af366523b24acc8ea6b |
|
| Details | md5 | 1 | 19702399b3936dc2ccb5fde011fdf3ba |
|
| Details | md5 | 2 | 38917e8aa02b58b09401383115ab549e |
|
| Details | md5 | 2 | ef3a6978c7d454f9f6316f2d267f108d |
|
| Details | md5 | 1 | 1d092fd15d957805bb140c61a728d767 |
|
| Details | md5 | 2 | 67220baf2a415876bee2d43c11f6e9ad |
|
| Details | md5 | 2 | 33c2e887c3d337eeffbbd8745bfdfc8f |
|
| Details | md5 | 1 | 3fa627c43d3c6efee8693510309ad4ec |
|
| Details | md5 | 1 | f890e61b228f634b2dcf73db8032f769 |
|
| Details | md5 | 1 | 98d270cf03c4ffe1c05cf7c3d3f70dcc |
|
| Details | md5 | 1 | c34cfe7b3e0a25978e16d917d795f6d4 |
|
| Details | md5 | 1 | 5fedd4089f64ee0356120dc662ff967a |
|
| Details | md5 | 1 | def1b5e508d13c3dd5f44df3e72e8fff |
|
| Details | md5 | 2 | abaeecd83a585ec0c5f1153199938e83 |
|
| Details | md5 | 2 | fffad123bd6df76f94ffc9b384a067fc |
|
| Details | md5 | 1 | c827d95429b644e918d53b24719dbe6e |
|
| Details | md5 | 1 | 0d7340efbf5fbd24c83d1cf9fa334c7d |
|
| Details | md5 | 1 | 2430a6e629eb4948819d65bf481467ee |
|
| Details | md5 | 1 | c703d4d46373c1c54107b0944192e472 |
|
| Details | md5 | 1 | 9421518543233d820328c62cbb2c1141 |
|
| Details | md5 | 1 | 5e21cafd920575cbd19c064e2b2b0526 |
|
| Details | md5 | 1 | 3274c1afc58618bf52ff047e15b680c7 |
|
| Details | md5 | 1 | 0468f100865277c608531ebf49b171ed |
|
| Details | md5 | 1 | c975dfa5a7d31468b014e2e440d7d02a |
|
| Details | md5 | 1 | 6e8be6cd7187548ee859ac7d520e225a |
|
| Details | md5 | 1 | 1f5ef44039113df7ab917e55b7fadce7 |
|
| Details | md5 | 1 | b0c4c6d6ae62fec10e97aab1756dc17f |
|
| Details | md5 | 1 | 4832189ecba45ef64d7596e22d8560bd |
|
| Details | md5 | 1 | 24ca459046aa4ecb01b6c5fb9ad5af68 |
|
| Details | md5 | 1 | d58df22f7838c900d979f5e737ffc480 |
|
| Details | md5 | 1 | bdf14488c4f0b44b6cc1ec985d3900aa |
|
| Details | md5 | 1 | e22487b2a35f258e82f9166bc0b3f972 |
|
| Details | md5 | 1 | 0edb25adab3af46f3d900767a3247607 |
|
| Details | md5 | 1 | 7b81ea543bb57d2b6db1610d8b424e95 |
|
| Details | md5 | 1 | 9ca8bbcad9d63a01f694c5bfd4d7c816 |
|
| Details | md5 | 1 | 2be5bae0be955d613c71ff2eb3b46d25 |
|
| Details | md5 | 1 | 265e6604fe577ba404285d32a1f4f4cf |
|
| Details | md5 | 1 | 5c41cbf8a7620e10f158f6b70963d1cb |
|
| Details | md5 | 1 | fc48213b2906342a33cce216e53e3e4e |
|
| Details | md5 | 1 | 4ea1be624b726ef79db88e86d235ff42 |
|
| Details | md5 | 1 | 1eb180e739fe5a7966b62dc1af252000 |
|
| Details | md5 | 1 | 9625e5bdb1084f48d49caa8ad40b1cbe |
|
| Details | md5 | 1 | 693e3d88a67872ebc0268f1475bfcbf9 |
|
| Details | md5 | 2 | 643c2ad6067051e3daf7d08b4adeaed4 |
|
| Details | md5 | 1 | 85e4b3a92ee42d70fc609ae846d3fafa |
|
| Details | md5 | 1 | f947b444d30736483d7f22debe978770 |
|
| Details | md5 | 1 | d6121d74dcef566a5e2f9aba179b8cca |
|
| Details | md5 | 1 | 92e34e16ea05360adab1e66521b989c4 |
|
| Details | md5 | 1 | 525cc10803d9858fca5dc4010925ba68 |
|
| Details | md5 | 1 | a35a8c64870b9a3fe45348b4f2a93e75 |
|
| Details | md5 | 1 | c4f4ba469250568619a7de6f4ba96d14 |
|
| Details | md5 | 1 | 821f27568f8de910d45305aac100e5fb |
|
| Details | md5 | 1 | 9bc9fda251021d0c911b23ce46223164 |
|
| Details | md5 | 2 | 505262547f8879249794fc31eea41fc6 |
|
| Details | md5 | 1 | d6708dcfcc0fc0a7fdf227c7ea1acab0 |
|
| Details | md5 | 1 | dc8e380e78067c02341df6c0ede65630 |
|
| Details | md5 | 1 | 7916bb075141cebf72f735ba43191f6e |
|
| Details | md5 | 1 | bc4889f75b874b171a931ee4c546b745 |
|
| Details | md5 | 1 | 779e53e6a0e08805617479d1f4ac4cca |
|
| Details | md5 | 1 | 5a234286dcc1aef933a951b298445ba8 |
|
| Details | md5 | 1 | f2132947d0668084620c7687342c7bb9 |
|
| Details | md5 | 1 | 3aadb4653ff99633771ee2e28df08db1 |
|
| Details | md5 | 1 | fb60f04f65d169a4471129e171d6b88d |
|
| Details | md5 | 1 | 09dd50472eba443b39aec993bcf4f159 |
|
| Details | md5 | 1 | 05fa64753726ec0f548b7f1894af0e13 |
|
| Details | md5 | 1 | 4387a3e2b3e55911d8e93b18dd873eff |
|
| Details | md5 | 4 | 85995257ac07ae5a6b4a86758a2283d7 |
|
| Details | md5 | 1 | 88b44b5df9efbf0d350d06ee8ef79a0c |
|
| Details | md5 | 1 | 37ca3b0a14a66adf57ec1a41f9a969a0 |
|
| Details | md5 | 1 | c3cecb6c82be49658ba01872e0f643b9 |
|
| Details | md5 | 1 | 1bff2a65522bb08bd576c5056268e3bb |
|
| Details | md5 | 1 | 17817b9836b0e2463a05d42afa59e89d |
|
| Details | md5 | 1 | 194486fb936dcbdc104eb670adddd9fc |
|
| Details | md5 | 1 | 02e8384a5f0354ece7b9b5b69918e6a8 |
|
| Details | md5 | 1 | 9df2dfee4bed45f0fea0f73a055d3d17 |
|
| Details | md5 | 1 | 9a570c53b1a811aba02b2b76cc65b5eb |
|
| Details | md5 | 1 | 88f9824b5a76591d62d391e6b1ef1d31 |
|
| Details | IPv4 | 1 | 34.221.66.33 |
|
| Details | IPv4 | 2 | 23.229.111.197 |
|
| Details | IPv4 | 1 | 10.101.30.127 |
|
| Details | IPv4 | 1 | 13.233.87.126 |
|
| Details | IPv4 | 1 | 149.56.201.228 |
|
| Details | IPv4 | 1 | 173.44.62.102 |
|
| Details | IPv4 | 1 | 185.12.45.134 |
|
| Details | IPv4 | 1 | 185.208.158.204 |
|
| Details | IPv4 | 1 | 185.208.158.205 |
|
| Details | IPv4 | 2 | 185.208.158.208 |
|
| Details | IPv4 | 3 | 193.56.28.251 |
|
| Details | IPv4 | 2 | 198.55.119.112 |
|
| Details | IPv4 | 1 | 25.255.77.106 |
|
| Details | IPv4 | 1 | 27.102.113.100 |
|
| Details | IPv4 | 1 | 27.102.129.91 |
|
| Details | IPv4 | 1 | 27.102.134.33 |
|
| Details | IPv4 | 1 | 27.102.70.192 |
|
| Details | IPv4 | 1 | 27.255.77.106 |
|
| Details | IPv4 | 2 | 45.58.112.77 |
|
| Details | IPv4 | 3 | 52.202.193.124 |
|
| Details | IPv4 | 1 | 52.79.101.146 |
|
| Details | IPv4 | 1 | 54.68.42.4 |
|
| Details | IPv4 | 1 | 78.157.207.15 |
|
| Details | IPv4 | 1 | 86.106.131.104 |
|
| Details | IPv4 | 1 | 87.98.183.116 |
|
| Details | IPv4 | 1 | 27.102.66.54 |
|
| Details | Url | 1 | https://www.boho.or.kr/data/reportview.do?bulletin_writing_sequence=36210 |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/issue-report/malware-analysis?i=344495af |
|
| Details | Url | 2 | https://securelist.com/andariel-evolves-to-target-south-korea-with-ransomware/102811 |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/issue-report/malware-analysis?i=15bbe345 |
|
| Details | Url | 1 | http://34.221.66.33/stsess_update.php |
|
| Details | Url | 1 | http://34.221.66.33/asdclient.php |
|
| Details | Url | 1 | http://34.221.66.33/semenser.php |
|
| Details | Url | 1 | http://34.221.66.33/call.exe |
|
| Details | Url | 1 | http://34.221.66.33/ais.exe |
|
| Details | Url | 1 | http://34.221.66.33/msdev.exe |
|
| Details | Url | 1 | http://34.221.66.33/lsdev.exe |
|
| Details | Url | 2 | http://hivekorea.com/jdboard/member/list.php |
|
| Details | Url | 1 | http://www.jinjinpig.co.kr/anyboard/list.php |
|
| Details | Url | 4 | http://www.jinjinpig.co.kr/anyboard/skin/board.php |
|
| Details | Url | 4 | http://mail.namusoft.kr/jsp/user/eam/board.jsp |
|
| Details | Url | 1 | http://www.conkorea.com/cshop/getenforce/board.php |
|
| Details | Url | 1 | http://www.isalim.co.kr/exam/board.php |
|
| Details | Url | 4 | http://snum.or.kr/skin_img/skin.php |
|
| Details | Url | 4 | http://www.ddjm.co.kr/bbs/icon/skin/skin.php |
|
| Details | Url | 2 | http://mail.sisnet.co.kr/jsp/user/sms/sms_recv.jsp |
|
| Details | Url | 1 | http://mail.neocyon.com/jsp/user/sms/sms_recv.jsp |
|
| Details | Url | 8 | https://atip.ahnlab.com |
|
| Details | Windows Registry Key | 188 | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |
|
| Details | Windows Registry Key | 1 | HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App |
|
| Details | Windows Registry Key | 1 | HKCU\SOFTWARE\Classes\.tlb |
|
| Details | Windows Registry Key | 1 | HKCU\SOFTWARE\Classes\System.Collections.Logic.tlb\Shell\Open\Command |