|
Ä¿¹Â´ÏƼ
|
|
Ä¿¹Â´ÏƼ Ãßõ°Ô½Ã¹°
¿î¿µÁø ¼±Á¤ | Ãßõ¼ø | ÃÖ±Ù´ñ±Û´Þ¸°¼ø | °¶·¯¸®(Æ÷Åä)
Ä¿¹Â´ÏƼ Ãßõ°Ô½Ã¹°
¿î¿µÁø ¼±Á¤ | Ãßõ¼ø | ÃÖ±Ù´ñ±Û´Þ¸°¼ø | °¶·¯¸®(Æ÷Åä)
Ä¿¹Â´ÏƼ Ãßõ°Ô½Ã¹°
¿î¿µÁø ¼±Á¤ | Ãßõ¼ø | ÃÖ±Ù´ñ±Û´Þ¸°¼ø | °¶·¯¸®(Æ÷Åä)
Ä¿¹Â´ÏƼ Ãßõ°Ô½Ã¹°
¿î¿µÁø ¼±Á¤ | Ãßõ¼ø | ÃÖ±Ù´ñ±Û´Þ¸°¼ø | °¶·¯¸®(Æ÷Åä)
|
|
|
|
|
 |
|
¾Æ¸¶ Storm ¿ú¿¡ ´ëÇØ µé¾îº» ÀûÀÌ ÀÖ½À´Ï±î? ¾Æ¸¶µµ ±¹¾î¸¦ ¾Ö¿ëÇÏ´Â »ç¶÷À̶ó¸é Àß ¸ð¸£´Â °æ¿ì°¡ ´ëºÎºÐÀÔ´Ï´Ù. ÀÌ ¿úÀº ÁÖ·Î Á¦¸ñ¿¡ Áß¿äÇÑ »ç½Ç/´º½º µîÀ» ´ãÀº ½ºÆÔ ¸Þ½ÃÁö¸¦ ÅëÇØ Àü¿°µÇÁö¸¸ ¿µ¾îÀÎ °ü°è·Î Çѱ¹ ȯ°æ¿¡¼´Â ±×¸® Å©°Ô ÁÖ¸ñÀ» ¹ÞÁö ¸øÇÏ¿´½À´Ï´Ù.
Àá½Ã ÀÌ ¿ú¿¡ ´ëÇؼ ¼Ò°³ÇØ µå¸³´Ï´Ù. Storm ¿úÀº Áö³ 1¿ù ´Þ¿¡ ÃÖÃÊ ¹ß°ßµÈ °ÍÀ¸·Î ¾Ë·ÁÁö°í ÀÖÀ¸¸ç, ÁÖ·Î ¿µ¾î±Ç ±¹°¡ÀÎ À¯·´ÂÊ¿¡ ¸¹ÀÌ °¨¿°µÇ¾ú½À´Ï´Ù. ƯÈ÷, Storm ¿úÀº ½ºÆÔ ¸Þ½ÃÁöÀÇ Á¦¸ñ¿¡ "230 dead as storm batters europe"¿Í °°ÀÌ Áß¿äÇÑ ´º½º°Å¸® Áï, ³¬½ÃÁú Á¦¸ñÀ¸·Î ¸¹Àº »ç¶÷µéÀÌ °¨¿°µÇ¾ú½À´Ï´Ù. 2¿ù ´Þ¿¡´Â ¹ß·»Å¸ÀÎ µ¥ÀÌ¿¡ °üÇؼ, ÃÖ±Ù 3¿ù¿¡´Â Á¦ 3Â÷ ¼¼°è ´ëÀü¿¡ ´ëÇÑ ¼Ò½ÄÀ¸·Î Çѹø ´õ Àü¼¼°èÀûÀ¸·Î ÀüÆÄ°¡ µÇ¾ú½À´Ï´Ù.
ÀÌ ½ºÆÔ ¸Þ½ÃÁöÀÇ ÇüÅ´ ´ÙÀ½°ú °°½À´Ï´Ù.
Á¦¸ñ
Worm Detected!
Virus Detected!ected!
Virus Activity Detected!
ATTN!
Spyware Alert!
Spyware Detected!
Warning!
Trojan Alert!
Trojan Detected!
Worm Activity Detected!
Virus Alert!
º»¹®
From: Customer Support
Dear Customer,
Our robot has detected an abnormal activity from your IP address on sending e-mails.
Probably it is connected with the last epidemic of a worm which does not have official patches at the moment. We recommend you to install this patch to remove worm files and stop email sending, otherwise your account will be blocked. We had archived the patch because the worm can modify unpacked exe files. You should open the archive file, enter the password and run the patch immediately.
Password: {Random}
Customer Support Center Robot.
Attachment: Patch-{Random}.zip
÷ºÎ ÆÄÀÏ
º¸Åë 2°³ÀÇ Ã·ºÎÆÄÀÏÀ» Æ÷ÇÔÇÏ°í ÀÖ½À´Ï´Ù. Çϳª´Â ÀÏ¹Ý ±×¸² ÆÄÀÏ(*.gif)ÀÌ°í ³ª¸ÓÁö Çϳª°¡ ºñ¹Ð¹øÈ£·Î ¾ÐÃàµÈ zip ÆÄÀÏÀÔ´Ï´Ù. º¸Åë ´ÙÀ½ÀÇ À̸§À» °¡Áý´Ï´Ù.
patch-[RANDOM 4 DIGITS].zip
removal-[5 RANDOM DIGITS].zip
hotfix-[5 RANDOM DIGITS].zip
bugfix-[5 RANDOM DIGITS].zip
Stom ¿úÀÌ »õ·Ó°Ô ¼±º¸ÀÎ ±â¼úÀÌ ¹Ù·Î ÀÌ ºñ¹Ð¹øÈ£·Î º¸È£ÇÏ´Â zip ÆÄÀÏÀÔ´Ï´Ù. ÷ºÎ ÆÄÀÏÀÇ ºñ¹Ð¹øÈ£´Â ±ÛÀÚ¿Í ¼ýÀÚ·Î ¼¯¿© ·£´ýÇÏ°Ô Á¶Çյ˴ϴÙ. ¹°·Ð, À̸ÞÀÏ¿¡´Â ºñ¹Ð¹øÈ£°¡ Æ÷ÇԵǾî ÀÖ¾î ½±°Ô ¾Ë ¼ö´Â ÀÖ½À´Ï´Ù.
¸¸¾à zip ÆÄÀÏ¿¡ ºñ¹Ð¹øÈ£¸¦ ³Ö¾î¼ ¿¾î¼ ½ÇÇàÀ» Çϸé, Storm ¿úÀ» PC¿¡ ¼³Ä¡ÇÏ°í ¹ÙÀÌ·¯½º ½ºÄ³³Ê·ÎºÎÅÍ ÀÚ½ÅÀ» º¸È£Çϱâ À§ÇØ ·çƮŶÀ» ÀÌ¿ëÇÏ¿© ¼û±é´Ï´Ù. ·çƮŶ¿¡ »ç¿ëµÇ´Â ´ëÇ¥ÀûÀÎ ÆÄÀÏÀº wincom32.sysÀÌ°í ´ÙÀ½°ú °°ÀÌ ·çƮŶ ŽÁö ÇÁ·Î±×·¥À» ã¾Æ ³¾ ¼ö ÀÖ½À´Ï´Ù.
·çƮŶ ±¸¼º¿ä¼Ò
SSDT
ZwEnumerateKey
C:\WINDOWS\system32\wincom32.sys
SSDT
ZwEnumerateValueKey
C:\WINDOWS\system32\wincom32.sys
SSDT
ZwQueryDirectoryFile
C:\WINDOWS\system32\wincom32.sys
IRP
\Driver\Tcpip->IRP_MJ_DEVICE_CONTROL
\\??\C:\WINDOWS\system32\wincom32.sys
|
|
| ÀÌ °Ô½Ã¹°ÀÇ ´ñ±Û º¸±â |
|
 |
|
| ÃßõÁ¦¾È³» |
ÁÁÀº °Ô½Ã¹°¿¡´Â ÃßõÀ» ÇÒ ¼ö ÀÖ½À´Ï´Ù.ÃßõÀÌ 5 ÀÌ»óÀÌ¸é ¸ÞÀÎÆäÀÌÁö Çìµå¶óÀο¡ °Ô½Ã¹°À» °É¾î µå¸³´Ï´Ù.
Àû¸³µÈ Æ÷ÀÎÆ®·Î ÁøÇàÁßÀÎ À̺¥Æ®¿¡ Âü¿©ÇÏ½Ã¾î °æÇ°À» ¹Þ¾Æ°¡½Ç ¼ö ÀÖ½À´Ï´Ù.
Æ÷ÀÎÆ®¾È³» ±ÛÀÛ¼º : 20Á¡, ÃßõŬ¸¯ : 2Á¡, Ãßõ¹ÞÀº»ç¶÷ 2Á¡, ´ñ±ÛÀÛ¼º : 4Á¡ (2008.12.29ÀϺÎÅÍ) |
|
|
|
|
|
|
