AutoRun.inf
[autorun]
open=.\RECYCLER\RECYCLER\autorun.exe
shell\1=Open
shell\1\Command=.\RECYCLER\RECYCLER\autorun.exe
shell\2\=Browser
shell\2\Command=.\RECYCLER\RECYCLER\autorun.exe
shellexecute=.\RECYCLER\RECYCLER\autorun.exe
[autorun]
open=CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe
shell\open\default=1
USB 메모리 공간에 Autorun.inf 나 휴지통 디렉토리가 생성되었다면 감염 가능성 존재
728x90
댓글