|
|
|
|
¹ÙÀÌ·¯½º
À̸§ |
W32/Swen.106496@mm |
¹ÙÀÌ·¯½º
Á¾·ù |
Worm |
½ÇÇà
ȯ°æ |
Win9x, Win2000, NT |
Á¦ÀÛÁö |
ºÒºÐ¸í |
¹ß°ßÀÏ |
20030918 |
¹ÙÀÌ·¯½ºÅ©±â |
106,496 Bytes |
¸ÞÀÏ
Á¦¸ñ |
Newest Security Upgrade ¿Ü ´Ù¼ö |
÷ºÎÆÄÀÏ |
clly.exe ¿Ü ´Ù¼ö |
¹ÙÀÌ·¯½º Áõ»ó |
ºñÁÖ¾ó C++·Î ÀÛ¼ºµÇ¾úÀ¸¸ç, P2P ÀÀ¿ë ÇÁ·Î±×·¥ÀÎ KaZaA ±×¸®°í
mIRC µîÀ¸·Î ÀüÆĵȴÙ.
ÇØ´ç ¿úÀº ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®°¡ º¸³½ Çü½ÄÀÇ ÆÐÄ¡ÆÄÀÏ ÇÁ·Î±×·¥°ú
·£´ýÇÑ Á¦¸ñÀ» °¡Áö´Â ÀÏ¹Ý ÅؽºÆ® ¸ÞÀÏÇü½ÄÀ» °¡Áö°í ÀÖ´Ù.
·£´ýÇÑ Á¦¸ñÀ» °¡Áö´Â ÀÏ¹Ý ÅؽºÆ® Çü½ÄÀÇ ¸ÞÀÏÀº º¸¾ÈÆÐÄ¡°¡ ¾ÈµÈ
¾Æ¿ô·è¿¡¼ ¸ÞÀÏÀ» Àб⸸ Çصµ ÀÚµ¿ ½ÇÇàµÇ´Â º¸¾È¹ö±×¸¦ ÀÌ¿ëÇϱ⵵ ÇÑ´Ù.
±×¸®°í ÀÌ ¿úÀº À©µµ¿ì º¸¾ÈÆÐÄ¡ Çü½Ä°ú ÀÏ¹Ý ÅؽºÆ® Çü½ÄÀÇ ¸ÞÀÏÀÌ
¦À» ÀÌ·ç¾î µ¿½Ã¿¡ º¸³»Áø´Ù.
¿úÀº *.dbx, *.mbx, *.eml,*.wab, *.asp, *.ht* ÆÄÀÏ¿¡¼ ¸ÞÀÏ ÁÖ¼Ò¸¦ ÃßÃâ
ÇÏ¿© ÀÚü smpt¸¦ ÀÌ¿ë °¨¿°µÈ ÆÄÀÏ°ú ÇÔ²² ¸ÞÀÏÀ» ¹ß¼ÛÇϸç,³×Æ®¿öÅ©
°øÀ¯Æú´õ¸¦ ÅëÇØ ÀüÆĵDZ⵵ ÇÑ´Ù.
¿úÀÌ ½ÇÇà µÇ¸é À©µµ¿ì Æú´õ(win9x, xp : c:\windows, win2000 : c:\winnt)¿¡
º¹»çº»À» ·£´ýÇÑ ÆÄÀÏÀ̸§À¸·Î »ý¼ºÇÑ´Ù.
±×¸®°íSwen1.datÆÄÀÏÀ» »ý¼ºÇϴµ¥ ´º½º±×·ìÀÇ ¼¹ö ÁÖ¼Ò°¡ ÀúÀåµÇ ÀÖ´Ù.
ƯÈ÷ *.reg Çü½ÄÀÇ È®ÀåÀÚ¸¦ ½ÇÇàÇÒ¶§ÀÇ ·¹Áö½ºÆ®¸®¸¦ º¯°æÇϱ⠶§¹®¿¡
reg ÆÄÀÏÀ» ½ÇÇàÇÏ·Á ÇÒ °æ¿ì ´ÙÀ½°ú °°Àº ¿¡·¯ ¸Þ½ÃÁö¸¦ ³ªÅ¸³½´Ù.
''Memory access violation in module kernel32 at xxxx''( xxxx : ·£´ýÇÑ ¼ýÀÚ)
¶ÇÇÑ ÀÚ½ÅÀ» ½ÇÇàÇÒ¼ö ÀÖ°Ô ¾Æ·¡ÀÇ ³»¿ëÀÌ ·¹Áö½ºÆ®¸®¿¡ Ãß°¡ µÈ´Ù.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Ç׸ñ¿¡
·£´ýÇÑ µ¥ÀÌÅÍ °ª = (·£´ýÇÑÆÄÀϸí).exe autorun
HKEY_CLASSES_ROOT\batfile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1" %*
HKEY_CLASSES_ROOT\comfile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1" %*
HKEY_CLASSES_ROOT\exefile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1" %*
HKEY_CLASSES_ROOT\piffile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1" %*
HKEY_CLASSES_ROOT\regfile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe showerror
HKEY_CLASSES_ROOT\scrfile\shell\open\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1" /S
HKEY_CLASSES_ROOT\scrfile\shell\config\command
Ç׸ñ¿¡
(Default) = (·£´ýÇÑÆÄÀϸí).exe "%1"
±×¸®°í ´ÙÀ½°ú °°Àº ÇÁ·Î¼¼½º°¡ ¹ß°ßµÇ¸é ÇØ´ç ÇÁ·Î±×·¥À» °Á¦ Á¾·á ½ÃŲ´Ù.
_avp
ackwin32
anti-trojan
aplica32
apvxdwin
autodown
avconsol
ave32
avgcc32
avgctrl
avkserv
avsched32
avwin95
avwupd32
blackd
blackice
bootwarn
ccapp
ccshtdwn
cfiadmin
cfiaudit
cfind
cfinet
claw95
ecengine
efinet32
esafe
espwatch
f-agnt95
f-prot
f-prot95
f-stopw
findviru
fp-win
fprot
fprot95
iamapp
iamserv
ibmasn
ibmavsp
icload95
icloadnt
icmon
icmoon
icssuppnt
icsupp
iface
iomon98
kpfw32
lookout
luall
lockdown2000
moolive
mpftray
msconfig
nai_vs_stat
navapw32
navlu32
navnt
navsched
nisum
nmain
normist
nupdate
nupgrade
nvc95
outpost
padmin
pavcl
pavsched
pcciomon
pccmain
pccwin98
persfw
pop3trap
pview
pcfwallicon
regedit
rescue
safeweb
serv95
sphinx
sweep
vcleaner
vcontrol
vet32
vet95
vet98
vettray
vscan
vsecomr
vshwin32
vsstat
webtrap
wfindv32
zapro
zonealarm
*¸¶ÀÌÅ©·Î ¼ÒÇÁÆ® ÆÐÄ¡Çü½Ä
º¸³½»ç¶÷ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
MS Corporation Security Center
Microsoft Corporation Security Bulletin
Microsoft Corporation Security Department
¸ÞÀÏÁ¦¸ñ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
Latest Pathch
Newest Security Upgrade
Internet Security Upgrade
¹Þ´Â »ç¶÷ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
Consumer
Client
Microsoft Coporation Consumer
*ÀÏ¹Ý ¸ÞÀÏ Çü½Ä
º¸³½»ç¶÷ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
MS Mail Delivery System
MS Net Message Storage System
network email storage system
¸ÞÀÏÁ¦¸ñ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
advice
(Á¦¸ñ¾øÀ½)
report
¹Þ´Â»ç¶÷ : ´ÙÀ½¿¡¼ ¼±ÅõȴÙ.
Mail Receiver
internet recipient
Email Recipient
|
Ä¡·á ¹æ¹ý |
Åͺ¸¹é½Å Ai, Åͺ¸¹é½Å 2001 ¶Ç´Â Åͺ¸¹é½Å OnlineÀ¸·Î Ä¡·á
°¡´É ÇÕ´Ï´Ù.
¹ÙÀÌ·¯½º Ä¡·áÈÄ ÀÎÅÍ³Ý ÀͽºÇ÷η¯ 6.0 À¸·Î ¾÷±×·¡À̵å Çϰųª
´ÙÀ½ÀÇ url ¿¡¼ ¾Æ¿ô·è ÆÐÄ¡¸¦ ¹Þ¾Æ¾ß ÇÑ´Ù.
http://www.microsoft.com/korea/technet/security/bulletin/MS01-020.asp
|
Á÷Á¢Ä¡·á¹æ¹ý |
|
|
|
|
|