|
|
|
|
¹ÙÀÌ·¯½º
À̸§ |
W32/Mytob.47104@mm |
¹ÙÀÌ·¯½º
Á¾·ù |
Worm |
½ÇÇà
ȯ°æ |
Windows |
Á¦ÀÛÁö |
ºÒºÐ¸í |
¹ß°ßÀÏ |
20050603 |
¹ÙÀÌ·¯½ºÅ©±â |
47,104 Byte |
¸ÞÀÏ
Á¦¸ñ |
Account Alert ¿Ü ´Ù¼ö |
÷ºÎÆÄÀÏ |
email-info.zip ¿Ü ´Ù¼ö |
¹ÙÀÌ·¯½º Áõ»ó |
ÀÌ ¿úÀº À̸ÞÀÏÀ» ÅëÇÏ¿© ÀüÆĵǸç, ÀÚü SMTP ¿£ÁøÀ» ÀÌ¿ëÇÑ´Ù.
[¸ÞÀÏ Á¦¸ñ]
´ÙÀ½ Áß¿¡¼ ¼±ÅõȴÙ.
*DETECTED* Online User Violation
*WARNING* Your Email Account Will Be Closed
:Notice: **Last Warning**
Account Alert
Email Account Suspension
Important Notification
Notice of account limitation
Security measures
Your Email Account is Suspended For Security Reasons
[¸ÞÀÏ ³»¿ë]
´ÙÀ½ Áß¿¡¼ ¼±ÅõȴÙ.
Once you have completed the form in the attached file , your account records will not be interrupted and will continue as normal.
Please read the attached document and follow it''s instructions.
The original message has been included as an attachment.
We attached some important information regarding your account.
We regret to inform you that your account has been suspended due to the violation of our site policy, more info is attached.
[÷ºÎÆÄÀÏ]
À̸§ Àº ´ÙÀ½ ¸®½ºÆ®¿¡¼ ¼±Åà µÈ´Ù.
account-details
document
email-doc
email-info
INFO
info-text
information
instructions
È®ÀåÀÚ´Â ´ÙÀ½°ú °°´Ù.
BAT
CMD
EXE
PIF
SCR
ZIP
[Ư¡]
¿úÀÌ ½ÇÇàµÇ¸é ´ÙÀ½°ú °°ÀÌ À©µµ¿ì ½Ã½ºÅÛ Æú´õ(win 2000, NT : c:\Wint\system32, win XP : c:\windows\system32)
¿¡ BETA.EXE ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.
¶ÇÇÑ, ´ÙÀ½Ã³·³ ·¹Áö½ºÆ®¸¦ ¼öÁ¤ÇÏ¿© ´ÙÀ½ ºÎÆýà ½ÇÇàµÇµµ·Ï Á¶ÀÛÇÑ´Ù.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Ç׸ñ¿¡
WINDOWS SYSTEM = "beta.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
Ç׸ñ¿¡
WINDOWS SYSTEM = "beta.exe"
¸¦ ±â·ÏÇÑ´Ù.
windows xp ¿¡¼´Â firwall ¼³Á¤¿¡ °ü°èµÈ ´ÙÀ½ ·¹Áö½ºÆ®¸®¸¦ ¼öÁ¤ÇÑ´Ù.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess
Start = "4"
¸¦ ±â·ÏÇÑ´Ù.
À̸ÞÀÏ ÁÖ¼Ò´Â ´ÙÀ½ È®ÀåÀÚ¸¦ °¡Áø ÆÄÀÏ¿¡¼ ÃßÃâ ÇÑ´Ù.
ADB
ASP
CGI
DBX
HTM
JSP
PHP
PL
SHT
TBB
TXT
WAB
XML
´ÙÀ½ ¹®ÀÚ¿À» Æ÷ÇÔÇÑ ¸ÞÀÏÁּҷδ °¨¿°µÈ ¸ÞÀÏÀ» º¸³»Áö ¾Ê´Â´Ù.
abuse
accoun
admin
administrator
anyone
be_loyal:
bsd
bugs
ca
certific
contact
fcnz
feste
gold-certs
google
help
icrosoft
info
linux
listserv
mail
me
no
nobody
noone
not
nothing
ntivi
page
postmaster
privacy
rating
register
root
samples
secur
service
site
soft
somebody
someone
spm
submit
support
the.bat
unix
webmaster
www
you
your
´ÙÀ½ µµ¸ÞÀÎ ³×ÀÓÀ» Æ÷ÇÔÇÏ°í ÀÖ´Â À̸ÞÀÏ Áּҷδ °¨¿°µÈ ¸ÞÀÏÀ» º¸³»Áö ¾Ê´Â´Ù.
.edu
.gov
.mil
acketst
arin.
avp
berkeley
borlan
bsd
example
fido
foo.
fsf.
gnu
google
gov.
hotmail
iana
ibm.com
icrosof
ietf
inpris
isc.o
isi.e
kernel
linux
math
mit.e
mozilla
msn.
mydomai
nodomai
panda
pgp
rfc-ed
ripe.
ruslis
secur
sendmail
sopho
syma
tanford.e
unix
usenet
utgers.ed
¶ÇÇÑ ÀϺΠ¹é½Å¹× º¸¾ÈÇÁ·Î±×·¥ÀÇ ÇÁ·Î¼¼½º¸¦ °Á¦ Á¾·á ½ÃÅ°°í ·£´ýÇÑ
Æ÷Æ®¸¦ ¿¾î ³õ¾Æ, ƯÁ¤ IRC ä³Î¿¡ Á¢¼ÓÇÏ´Â ±â´ÉÀ» °¡Áö°í ÀÖ´Ù.
¸¶Áö¸·À¸·Î Hosts ÆÄÀÏÀ» ¼öÁ¤ÇÏ¿© ƯÁ¤ ÁÖ¼Ò·Î Á¢¼ÓÀ» ¹æÇØ ÇÑ´Ù.
³»¿ëÀº ´ÙÀ½°ú °°´Ù.
avp.com
ca.com
customer.symantec.com
dispatch.mcafee.com
download.mcafee.com
f-secure.com
kaspersky.com
kaspersky-labs.com
liveupdate.symantec.com
liveupdate.symantecliveupdate.com
mast.mcafee.com
mcafee.com
microsoft.com
my-etrust.com
nai.com
networkassociates.com
oxyd.fr
rads.mcafee.com
secure.nai.com
securityresponse.symantec.com
sophos.com
symantec.com
t35.com
t35.net
trendmicro.com
update.symantec.com
updates.symantec.com
us.mcafee.com
viruslist.com
viruslist.com
virustotal.com
www.avp.com
www.ca.com
www.f-secure.com
www.grisoft.com
www.kaspersky.com
www.mcafee.com
www.microsoft.com
www.msn.com
www.my-etrust.com
www.nai.com
www.networkassociates.com
www.oxyd.fr
www.sophos.com
www.symantec.com
www.t35.com
www.t35.net
www.trendmicro.com
www.viruslist.com
www.virustotal.com |
Ä¡·á ¹æ¹ý |
Åͺ¸¹é½Å Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.
|
Á÷Á¢Ä¡·á¹æ¹ý |
|
|
|
|
|