E-mail-worm Analysis
E-mail-worm Analysis
E-mail-worm Analysis
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
어셈블리어 개발자 그룹 :: 어셈러브<br />
DEBUT.TMP<br />
SYSTEM₩CurrentControlSet₩Services₩SharedAccess₩Parameters₩FirewallPolicy₩StandardProfile₩AuthorizedApplications₩List<br />
%s:*:Enabled:ipsec // 위의 레지스트리 경로에 다음 값을 생성합니다.<br />
bagla_super_downloader_1000<br />
RegisterServiceProcess<br />
kernel32<br />
smtp_bagla_1000<br />
http://noshit.fateback.com/<br />
http://noshit.fateback.com/<br />
₩regisp32.exe<br />
smtp_bagla_1000<br />
SeDebugPrivilege<br />
advapi32.dll<br />
AdjustTokenPrivileges<br />
InitializeAcl<br />
LookupPrivilegeValueA<br />
OpenProcessToken<br />
SetSecurityInfo<br />
kernel32.dll<br />
RegisterServiceProcess<br />
iphlpapi.dll<br />
GetNetworkParams<br />
MuXxXxTENYKSDesignedAsTheFollowerOfSkynet-D<br />
'D'r'o'p'p'e'd'S'k'y'N'e't'<br />
_-oOaxX|-+S+-+k+-+y+-+N+-+e+-+t+-|XxKOo-_<br />
[SkyNet.cz]SystemsMutex<br />
AdmSkynetJklS003<br />
____--->>>>U