Technical Information
- '' (downloaded from the Internet)
- %WINDIR%\rundll32.exe
- 'nm###nogame.kr':80
- http://nm###nogame.kr/DOWN/CCCC.exe
- DNS ASK nm###nogame.kr
- ClassName: 'POKER_CANVAS' WindowName: '게임 클라이언트'
- ClassName: 'REALGAME_CANVAS' WindowName: '게임 클라이언트'
- ClassName: 'CXG_WNDCLASS' WindowName: ''
- ClassName: 'UnityWndClass' WindowName: '마지노홀덤'
- ClassName: 'UnityWndClass' WindowName: '텍사스홀덤'
- '%WINDIR%\rundll32.exe'
- '%WINDIR%\syswow64\cmd.exe' /c route delete 222.239.248.188 (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c route add 222.239.248.188 mask 255.255.255.255 10.0.45.58 (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c route delete 222.239.248.188
- '%WINDIR%\syswow64\cmd.exe' /c route add 222.239.248.188 mask 255.255.255.255 10.0.45.58
- '%WINDIR%\syswow64\route.exe' delete 222.239.248.188
- '%WINDIR%\syswow64\route.exe' add 222.239.248.188 mask 255.255.255.255 10.0.45.58