织梦CMS - 轻松建站从此开始!
高级搜索|网站地图|TAG标签RSS订阅[设为首页] [加入收藏]

我的网站

搜索

热门标签:

当前位置: 主页 > 区块链

慢雾:技术分析针对交易所用户的伪 Electrum 鱼叉钓鱼攻击 (3)

时间:2020-06-11 16:42来源:未知 作者:admin 点击:
(6)行为描述: 创建可执行文件 详情信息: C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmpS

  (6)行为描述: 创建可执行文件

  详情信息:

  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe      C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmpSystem.dll

  (7)行为描述: 覆盖已有文件

  详情信息:

  C:Documents and SettingsAdministratorApplication Datawinscp.rnd      C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesull

  (8)行为描述: 查找文件

  详情信息:

  FileName = C:Documents and Settings      FileName = C:Documents and SettingsAdministrator      FileName = C:Documents and SettingsAdministratorLocal Settings      FileName = C:Documents and SettingsAdministratorLocal SettingsTemp      FileName = C:Documents and SettingsAdministratorLocal Settings%temp%      FileName = C:DOCUME~1ADMINI~1LOCALS~1TempsyA.tmp      FileName = C:DOCUME~1      FileName = C:DOCUME~1ADMINI~1      FileName = C:DOCUME~1ADMINI~1LOCALS~1      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.zh-CN      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.zh-Hans      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.zh      FileName = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.CHS

  (9)行为描述: 删除文件

  详情信息:

  C:Documents and SettingsAdministratorLocal SettingsTempsi9.tmp      C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmp

  (10)行为描述: 修改文件内容

  详情信息:

  C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe ---> Offset = 0C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe ---> Offset = 32768C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe ---> Offset = 33203C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe ---> Offset = 65971C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe ---> Offset = 66905C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesscript.txt ---> Offset = 0C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe ---> Offset = 0C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe ---> Offset = 24146C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe ---> Offset = 44980C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe ---> Offset = 60884C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe ---> Offset = 93652C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmpSystem.dll ---> Offset = 0C:Documents and SettingsAdministratorApplication Datawinscp.rnd ---> Offset = 0C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_appdata.log ---> Offset = 0C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_appdata.log ---> Offset = 102 (责任编辑:admin1)
织梦二维码生成器
顶一下
(0)
0%
踩一下
(0)
0%
------分隔线----------------------------
发表评论
请自觉遵守互联网相关的政策法规,严禁发布色情、暴力、反动的言论。
评价:
表情:
用户名: 验证码:点击我更换图片
最新评论 进入详细评论页>>
栏目列表
推荐内容
热点内容

Powered by DedeCMS_V57_UTF8_SP2 © 2007-2021 DesDev Inc.

Copyright © 2007-2021 上海卓卓网络科技有限公司