Trojan.TechAgent, Ghapoly

by ezclean posted Jan 08, 2021

Trojan.TechAgent



*file
C:\Windows\System32\Tasks\TechAgentTask
C:\Windows\System32\Tasks\TechAgent Task
C:\Users\Public\Desktop\TechAgent.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechAgent\TechAgent.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechAgent\TechAgent on the Web.url
C:\Program Files\TechAgent\uninstaller.exe
C:\Program Files\TechAgent\TechAgent.exe

*reg_key
HKCU\Software\TechAgent
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TechAgent
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3230F7A7-A7C3-45FC-9B34-E9DD0F280CD4}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43524D85-E552-4D7E-B28C-9A13E6B2AB08}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechAgent Task
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechAgentTask

 


Trojan.Ghapoly

 


*file
C:\Program Files\ghapoly\Release_21.dll
C:\Program Files\Ghapoly\Proxy32.dll
C:\Program Files\Ghapoly\libvlc.dll
C:\Program Files\Ghapoly\launcher_2.dll
C:\Program Files\Ghapoly\drizutainshupkCld.dll2428453
C:\Program Files\Ghapoly\drizutainshupkCld.dll
C:\Program Files\Ghapoly\cerbatain.exe
C:\Program Files\4d814d56\1477962072\4EE7\0E49\E6439B563A06\vnseB600.tmp
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06\Uninstall.exe
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06\ah7vb7.dll
C:\Program Files\Ghapoly
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06

*reg_key
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D587A28B\D9CE\4EF1\9DEA\A63533C05918}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{68B20711\EF26\4325\997A\8205F1508AB2}

 
