Technical Information
- %PROGRAM_FILES%\Tabbar\tabbar.exe Y;<Full path to virus>;mediaweb
- %PROGRAM_FILES%\Tabbar\tabbar.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\su[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\fchk[1].htm
- %PROGRAM_FILES%\Tabbar\tbva.exe
- %PROGRAM_FILES%\Tabbar\tabbar.dll
- %PROGRAM_FILES%\Tabbar\tabbar.exe
- %PROGRAM_FILES%\Tabbar\tbrn.exe
- 'lo#.##bbar.co.kr':80
- 'en#.##bbar.co.kr':80
- en#.##bbar.co.kr/fchk.php
- lo#.##bbar.co.kr/su.php
- DNS ASK lo#.##bbar.co.kr
- DNS ASK en#.##bbar.co.kr