|
Adware/Droper.Mcorp´Â ActiveX Çü½ÄÀ» ÃëÇØ »ç¿ëÀÚ¿¡°Ô ¼³Ä¡¸¦ À¯µµÇÏ°í,
¼³Ä¡ °úÁ¤¿¡¼µµ ¼³Ä¡°úÁ¤À» Ç¥½Ã ÇÏÁö ¾Ê´Â µî ÀºÆóÀûÀ¸·Î ¼³Ä¡µÇ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
¼³Ä¡ ÀÌÈÄ, ÃÖ¼ÒÇÑÀÇ Ç¥½Ã ÀÌ¿Ü¿¡´Â ÇÁ·Î±×·¥ ¼³Ä¡¸¦ ¾Ë¾Æº¼¼ö ¾øµµ·Ï Çϸç,
»ç¿ëÀÚ µ¿ÀÇ ¾øÀÌ À¥»çÀÌÆ®ÀÇ ¼³Á¤¹× ±âº» ±â´ÉÀ» º¯°æ ÇÏ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
ÀÌ´Â
- À¥ ºê¶ó¿ìÀúÀÇ È¨ÆäÀÌÁö ¼³Á¤À̳ª °Ë»ö ¼³Á¤À» º¯°æ ¶Ç´Â ½Ã½ºÅÛ ¼³Á¤À» º¯°æÇÏ´Â ÇàÀ§
- Á¤»ó ÇÁ·Î±×·¥ÀÇ ¿î¿µÀ» ¹æÇØ, ÁßÁö ¶Ç´Â »èÁ¦ ÇÏ´Â ÇàÀ§
- ´Ù¸¥ ÇÁ·Î±×·¥À» ´Ù¿î·Îµå ÇÏ¿© ¼³Ä¡ÇÏ°Ô ÇÏ´Â ÇàÀ§
- ¿î¿µÃ¼°è ¶Ç´Â Ÿ ÇÁ·Î±×·¥ÀÇ º¸¾È¼³Á¤À» Á¦°ÅÇϰųª ³·°Ô º¯°æÇÏ´Â ÇàÀ§
- ÀÌ¿ëÀÚ°¡ ÇÁ·Î±×·¥À» Á¦°ÅÇϰųª Á¾·á½ÃÄѵµ ÇÁ·Î±×·¥(´çÇØ ÇÁ·Î±×·¥ÀÇ º¯Á¾ ÇÁ·Î±×·¥µµ Æ÷ÇÔ)ÀÌ Á¦°Å µÇ°Å³ª Á¾·áµÇÁö ¾Ê´Â ÇàÀ§
[»ý¼º ÆÄÀÏ]
%prog%\mcorp\mc.dat
%prog%\mcorp\mcorp2.exe
%prog%\mcorp\mcorp_1.dll
%prog%\mcorp\mcorp_2.dll
%prog%\mcorp\Temp", "*.*
%prog%\mcorp\Temp
%prog%\mcorp\*.*
%prog%\mcorp
[»ý¼º ·¹Áö]
HKEY_CURRENT_USER\software\mcorp
HKEY_*_*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run mcorp
°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º
»ç¿ëÀÚ µ¿ÀǾøÀÌ BHO·Î ¼³Ä¡µÇ¾î »ç¿ëÀÚ Å°¿öµå¸¦ °¨½ÃÇÏ´Â ¾Öµå¿þ¾îÀÌ´Ù.
|
|
|