I-Worm.Win32.Klez.E
º° Ī : W32.Klez.E@mm(Symantec)
ºÐ ·ù : ÀÎÅÍ³Ý ¿ú È° µ¿ O S : Win32
Á¦ ÀÛ Áö : ¿Ü»ê ¹ß °ß ÀÏ : 2002-01-17
´ëÇ¥ÀûÁõ»ó : ÇÁ·Î¼¼½º Á¾·á È° µ¿ ÀÏ :
»ó¼¼Á¤º¸
ÀÌ ¹ÙÀÌ·¯½º´Â e-¸ÞÀÏ°ú ³×Æ®¿öÅ©ÀÇ Àаí/¾²±â¿ëÀ¸·Î °øÀ¯µÈ Æú´õ¸¦ ÅëÇؼ °¨¿°µÇ´Â ¿úÀ¸·Î ºÐ·ùµÈ´Ù.
ÇØ¿Ü¿¡¼´Â 2002³â 1¿ù 17ÀÏ º¸°íµÇ¾úÀ¸¸ç, ±¹³»¿¡´Â 2002³â 1¿ù 18ÀÏ ÇöÀç °¨¿°º¸°í°¡ ¾ø´Ù.
2001³â¿¡ ¹ß»ýÇÏ¿´´ø I-Worm.Win32.KlezÀÇ º¯ÇüÁß Çϳª·Î °¨¿°½Ã Á¤»óÀûÀÎ ÆÄÀÏ¿¡ °¨¿°µÇ´Â Win32.Elkern ¹ÙÀÌ·¯½º¸¦ Æ÷ÇÔÇÏ°í Àִ°ÍÀº µ¿ÀÏÇÏ´Ù.
- »ý¼º ÆÄÀÏ
À©µµ¿ì ½Ã½ºÅÛ Æú´õ(OS°¡ 1°³ Á¸ÀçÇÏ´Â ½Ã½ºÅÛ ±âÁØÀ¸·Î WindowsSystem)¿¡
# 'Wink(·£´ýÇÑ ¹®ÀÚ).EXE[78-81 ¹ÙÀÌÆ® »çÀÌ]'·Î ÀбâÀü¿ë/¼û±è/½Ã½ºÅÛ ¼Ó¼ºÀÌ °É·ÁÀÖ´Ù'
¿¹¸¦ µé¾î) WINKFG.EXE
# WQK.EXE(Win32.Elkern.B ¿¡ °¨¿°µÈ Á¤»óÀûÀÎ ÆÄÀÏÁß Çϳª°¡ À̸§ÀÌ º¯°æµÇ¾î ÀúÀåµÈ °ÍÀÌ¸ç ¿ª½Ã ÀбâÀü¿ë/¼û±è/½Ã½ºÅÛ ¼Ó¼ºÀÌ °É·ÁÀÖ´Ù.)
- ÀüÆÄ ¹æ¹ý
e-¸ÞÀÏÀ» ÅëÇÑ °¨¿°°ú ³×Æ®¿öÅ©»óÀÇ °øÀ¯µÈ Æú´õ·Î °¨¿°µÇ´Â ¹æ¹ýÀÌ ÀÖ´Ù.
# ù¹ø° ¹æ¹ýÀÎ e-¸ÞÀÏÀ» ÅëÇÑ °¨¿°½Ã¿¡´Â Á¦¸ñ°ú / ³»¿ë / ÷ºÎ ÆÄÀÏÀº ·£´ýÇÏ°Ô °áÁ¤µÇ¸ç, ƯÈ÷ ¸ÞÀÏÀ» ÀÐ¾î º¸±â¸¸Çصµ ÷ºÎ ÆÄÀÏÀÌ ÀÚµ¿À¸·Î ½ÇÇàµÇ´Â ¾Æ¿ô·è°ú ¾Æ¿ô·è ÀͽºÇÁ·¹½ºÀÇ ¹ö±×¸¦ ÀÌ¿ëÇϱ⠶§¹®¿¡, º¸¾È ÆÐÄ¡¸¦ ÇÏÁö ¾ÊÀº ½Ã½ºÅÛ¿¡¼´Â ¸ÞÀÏÀ» Àо´Â °Í¸¸À¸·Îµµ °¨¿°ÀÌ ÀϾÙ. e-¸ÞÀÏÀÇ ¹ß¼Û ´ë»óÀº ¾Æ¿ô·è ÁÖ¼Ò·Ï¿¡ µî·ÏµÈ ¸ðµç »ç¿ëÀÚ ÀÌ´Ù.
¸ÞÀÏ ¹ß¼Û½Ã Á¦¸ñ,º»¹®,÷ºÎ ÆÄÀÏÀ» ´ÙÀ½°ú °°´Ù.
Á¦¸ñ : ¾Æ·¡ÀÇ ¿µ¹® ¹®ÀÚ¿ Áß Çϳª·Î ·£´ýÇÏ°Ô °áÁ¤µÈ´Ù.
How are you
Let's be friends
Darling
Don't drink too much
Your password
Honey
Some questions
Please try again
Welcome to my hometown
the Garden of Eden
introduction on ADSL
Meeting notice
Questionnaire
Congratulations
Sos!
japanese girl VS playboy
Look,my beautiful girl friend
Eager to see you
Spice girls' vocal concert
Japanese lass' sexy pictures
º» ¹® : º»¹® ¿ª½Ã ·£´ýÇÏ°Ô °áÁ¤µÇ³ª ¾Æ¹«·± ³»¿ëµµ Æ÷ÇÔÇÏ°í ÀÖÁö ¾ÊÀº °æ¿ìµµ ÀÖ´Ù.
÷ºÎ ÆÄÀÏ : ÷ºÎ ÆÄÀÏ ¿ª½Ã ·£´ýÇÏ°Ô °áÁ¤µÇ³ª ¾Æ·¡ÀÇ È®Àå¸íÀº Æ÷ÇÔÇÏ°í ÀÖ´Ù.
.PIF
.SCR
.EXE
.BAT
# ´Ù¸¥ ÀüÆÄ ¹æ¹ýÀº ³×Æ®¿öÅ©·Î °¨¿°µÇ´Â ¹æ¹ýÀε¥, Æú´õ¸¦ Àаí/¾²±â¿ëÀ¸·Î ¿¾îµÎ¸é ÀÚµ¿À¸·Î ¿úÀ» º¹»çÇØ ³ÖÀ¸¸é¼ °¨¿°µÈ´Ù.
- Áõ»ó
# ¿ú¿¡ °¨¿°µÇ¸é,ÀϺΠ¾ÈƼ ¹ÙÀÌ·¯½º(Anti-Virus)ÇÁ·Î±×·¥°ú Àß ¾Ë·ÁÁø ¹ÙÀÌ·¯½º¸¦ °Á¦·Î Á¾·á½ÃÅ°´Âµ¥,±× Áß Á¾·á½ÃÅ°´Â ¹ÙÀÌ·¯½º ¸®½ºÆ®´Â ´ÙÀ½°ú °°´Ù.
¹ÙÀÌ·¯½º ÇÁ·Î¼¼½º ¸®½ºÆ® :
"CodeRed"
"WQKMM3878"
"GRIEF3878"
"Fun Loving Criminal"
"Sircam"
"Nimda"
# °¨¿°µÈ ÈÄ Àç ºÎÆýà ºí·ç½ºÅ©¸°ÀÌ ³ªÅ¸³ª±âµµ ÇÏ¸ç ºÎÆÃÀÌ ¾ÈµÉ ¼öµµ ÀÖ´Ù.
- ÀÚµ¿ ½ÇÇà
·¹Áö½ºÆ®¸® "HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun"À§Ä¡¿¡
À̸§ : Wink[·£´ýÇÑ ¹®ÀÚ¿]
µ¥ÀÌÅÍ : C:WindowsSystemWink[·£´ýÇÑ ¹®ÀÚ¿].exe
µ¿ÀÏÇÑ À§Ä¡¿¡
À̸§ : WQK
µ¥ÀÌÅÍ : C:WindowsSystemWqk.exe
* I-Worm.Win32.Klez ¿øÇüÁ¤º¸
- //www.hauri.co.kr/virus/vir_info_detail.html?uid=238
*ÃÖÃÊÀÛ¼º : 2002/01/18 09:35am
*º» ¹ÙÀÌ·¯½º Á¤º¸´Â ¿£Áø¾÷µ¥ÀÌÆ®¿Í µ¿½Ã¿¡ ¼öÁ¤ ¹× ¾÷µ¥ÀÌÆ® µÉ ¿¹Á¤ÀÌ´Ù.
Ä¡·á¹æ¹ý
Á¤»óÀûÀÎ ÆÄÀÏ¿¡ °¨¿°µÇ´Â ¹ÙÀÌ·¯½º¸¦ Æ÷ÇÔÇÏ°í ÀÖÀ¸¹Ç·Î ¹Ýµå½Ã ¹é½ÅÇÁ·Î±×·¥À» ÀÌ¿ëÇÏ¿© Áø´Ü ¹× Ä¡·á¸¦ ÇؾßÇÏ¸ç ´ÙÀ½ÀÇ ÆÐÄ¡¸¦ Àû¿ëÇÏ¿© ¸ÞÀÏÀÇ ¹Ì¸®º¸±â¸¸À¸·Î °¨¿°µÇ´Â°ÍÀ» Â÷´ÜÇؾßÇÑ´Ù.
¶ÇÇÑ ´ÙÀ½ÀÇ ÆÐÄ¡¸¦ Àû¿ëÇÏ¿© º¸¾È Ãë¾àÁ¡À» ±Ùº»ÀûÀ¸·Î Á¦°ÅÇØ¾ß ÇÑ´Ù.
[Microsoft º¸¾ÈÆÐÄ¡ Ç׸ñ]
* Outlook Express
- //www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp
* Outlook 2000
- //office.microsoft.com/korea/downloads/2000/outlctlx.aspx
* Outlook 2002 (Office XP)
- //office.microsoft.com/korea/downloads/2002/OLK1003.aspx
