12/30/2023

Ushareit windows

Hooking and other Techniques for Hiding and Protection:
Eavesdrop on Insecure Network Communication
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\\InProcServer32
Uses an in-process (OLE) Automation server
Process created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' -no-check-certificate -content-disposition -user-agent='Mozilla/5.0 (Windows NT 6.
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.
Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' -no-check-certificate -content-disposition -user-agent='Mozilla/5.0 (Windows NT 6.1 WOW64 Trident/7.0 AS rv:11.0) like Gecko' 'http://dts.um/?length=821' > cmdline.out 2>&1
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
File read: C:\Windows\System32\drivers\etc\hosts
Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2484:120:WilError_01
Source: C:\Windows\System32\conhost.exe
Classification label: clean0.win
files inside the user directory
File created: C:\Users\user\Desktop\cmdline.