|
|
 |
|
|
| ¹ÙÀÌ·¯½º
À̸§ |
VBS/Reality.B |
¹ÙÀÌ·¯½º
Á¾·ù |
Script Virus |
| ½ÇÇà
ȯ°æ |
Windows |
Á¦ÀÛÁö |
´ëÇѹα¹ |
| ¹ß°ßÀÏ |
20010706 |
¹ÙÀÌ·¯½ºÅ©±â |
|
| ¸ÞÀÏ
Á¦¸ñ |
|
| ÷ºÎÆÄÀÏ |
|
| ¹ÙÀÌ·¯½º Áõ»ó |
°¨¿°°æ·Î´Â ºÒºÐ¸í ÇÏ¸ç ¸ÞÀÏÀ» ÅëÇؼ´Â ÀüÆĵÇÁö ¾Ê´Â´Ù.
°¨¿°µÈ ÆÄÀÏÀÌ ½ÇÇà µÇ¸é ÃÖÃÊ Active-X âÀÌ ¶° "¿¹" ¹öÆ°À»
Ŭ¸¯ ÇÏ¸é ¹ÙÀÌ·¯½º°¡ ½ÇÇà µÈ´Ù.
ÀͽºÇ÷η¯ÀÇ Ãʱâ À¥ ÁÖ¼Ò¸¦ xxxx-jxxxn.comÀ¸·Î º¯°æ ÇϰԵȴÙ.
±×¸®°í È®ÀåÀÚ°¡ htt, htm, html, asp ÀÎ ÆÄÀÏ°ú ´ÙÀ½°ú °°Àº Æú´õ¸¦ °Ë»öÇؼ °¨¿° ½ÃŲ´Ù.
C:My Documents
C:Windows¹ÙÅÁ ȸé
C:WindowsDesktop
C:WindowsWeb
C:WindowsWebWallpaper
C:WindowsHelp
C:WindowsTemp
C:Program FilesInternet ExplorerConnection Wizard
C:Program FilesMicrosoft OfficeOfficeHeaders
C:Inetpubwwwroot
¶ÇÇÑ ÀÏÁ¤ È®·ü·Î À©µµ¿ì ½Ã½ºÅÛ Æú´õ(win9x: c:\windows\system, win 2000: c:\winnt\system32, win xp: c:\windows\system32)
¿¡ system.dll ÆÄÀÏÀ» »ý¼º ÇÑ´Ù.
°¨¿°µÈ ½Ã½ºÅÛÀº ÀçºÎÆýà COMMAND Æú´õ¿¡ System16.COM ÆÄÀÏÀ» »ý¼º ÇÏ°Ô
µÇ´Âµ¥ µµ½º¿ë ¹ÙÀÌ·¯½º ·Î À©µµ¿ì¿¡¼´Â ½ÇÇàµÇÁö ¾Ê´Â´Ù.
´ÙÀ½Ã³·³ ·¹Áö½ºÆ®¸®¸¦ º¯°æÇÏ¿© active-x °æ°íâÀ» ¶ç¿ìÁö ¾Ê°Ô º¯°æÇÑ´Ù.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
Ç׸ñ¿¡
1201 ÀÇ °ªÀ» 0 À¸·Î º¯°æÇÑ´Ù.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
Ç׸ñ¿¡
1201 ÀÇ °ªÀ» 0 À¸·Î º¯°æÇÑ´Ù.
±×¸®°í
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Ç׸ñ¿¡ ´ÙÀ½ÀÇ °ªÀ» º¯°æ ÇÑ´Ù.
ProductName = Windogz
LicensingInfo = Fxxxing Axxxab! I''m NOT HTML/Reality! Rename HTML/Thrower!
RegisteredOwner = Kil13r
RegisteredOrganization = in Korea, DLSoft
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Ç׸ñ¿¡
Start Page = http://fxxk-jxxxn.com
Default_Page_URL = http://fxxk-jxxxn.com
|
|
Ä¡·á ¹æ¹ý |
Åͺ¸¹é½Å Ai, Åͺ¸¹é½Å 2001 ¶Ç´Â Åͺ¸¹é½Å OnlineÀ¸·Î Ä¡·á°¡´ÉÇÕ´Ï´Ù.
<Ä¡·áÈÄ ´ÙÀ½ÀÇ º¸¾È ÆÐÄ¡¸¦ Àû¿ë>
Microsoft VM ActiveXÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇÒ À§ÇèÀÌ ÀÖÀ¸¹Ç·Î ¾Æ·¡ÀÇ ÁÖ¼Ò¿¡¼ ÆÐÄ¡¸¦ ¹Þ¾Æ
¼³Ä¡ÇϽñ⠹ٶø´Ï´Ù.
http://www.microsoft.com/technet/security/bulletin/ms00-075.asp
|
|
Á÷Á¢Ä¡·á¹æ¹ý |
|
|
|
|
|
