# 도메인
omc2015asm.ddns.net - 185.86.162.29
# 호스트 변화
%APPDATA%\[랜덤문자열]\[랜덤문자열].exe
시작프로그램 등록
%TMP%\pid.txt
%TMP%\lol.bin
# 백도어 의심 문자열
NEW2015
ViewClientFiles
saveTextEdit
SearchFilesFromClient
StopSearchingFiles
CreateNewFolder
ViewRecycleBin
RestoreFromRecycleBin
MoveFromRecycleBin
DeleteFromRecycleBin
EmptyFilesRecycleBin
MoveFilesToDir
CopyFilesToDir
MoveFilesToRecycleBin
DeleteFileFromDrive
DownloadFilesFromClient
UploadFilestoClient
EmailThisFiles
UploadFromURL
renameClientID
getProcessList
SuspendClientProcess
ResumeClientProcess
EndClientProcess
getWindowsList
WindowMaximized
WindowMinimized
WindowRestore
WindowRename
WindowClose
getServicesRunning
StartClientService
StopClientService
getClientRegistry
regEditRegValue
CreateRegistryKey
regRenameRegValue
regDelRegValue
regDelRegKey
refreshReg
getClientStartupfiles
getClientInstalledfiles
getClientAllInstalledfiles
StartRemoteDesktopControl
StopRemoteDesktopControl
RemoteDesktopControlSize
RemoteDesktopControlQuality
MouseRightMove
MouseLeftMove
KeyboardPress
KeyboardXPress
getClientWebcamDevices
startClientWebcam
stopClientWebcam
getClientKeystrokes
ViewKeylogFiles
DeleteKeylogFile
getBrowserPasswords
StartClientMicSounds
StopClientMicSounds
PlayRecordedMicSounds
RunCmdLines
StartVBScript
StartBATScript
ShellExecuteCommand
SendIMStream
OpenCDROMDrive
CloseCDROMDrive
MsgBoxWindowList
ClientMessageBox
DesktopWallpaper
TextToSpeech
PlayMP3File
ShutDownPC
RestartPC
StandByPC
getMoreInfo
refreshClientInfo
ViewClientInThumbnail
UpdateClientFromFile
UpdateClientFromURL
TerminateClientFile
UninstallClientFile
onConnectUploadFromURL
ListofFaveFolders
PCDriveList
FilesAndFoldersList
ClientFiles
SearchedFiles
SearchedFilesDone
FilesInRecycleBin
DLFilesToHost
ClientProcesses
ClientServices
StartupFilesList
ClientInstalledfiles
RemoteDesktopControlImg
ClientWebcamDevices
ClientWebcamImages
KeystrokeLogFiles
KeystrokeViewlogsFiles
ClientMicSounds
SendChatMessage
ClientWindowListMB
ClientAdditionalInfo