(4)行为描述: 创建新文件进程 详情信息: [0x00000c30]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_documents.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorMy Documents" "09-06-2020-4:51:51_documents" [0x00000c44]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_appdata.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorApplication Data" "09-06-2020-4:51:51_appdata" [0x00000c5c]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_localappdata.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorLocal SettingsApplication Data" "09-06-2020-4:51:51_localappdata" [0x00000c64]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_onedrive.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorOneDrive" "09-06-2020-4:51:51_onedrive" [0x00000c6c]ImagePath = C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe, CmdLine = "C:DOCUME~1ADMINI~1LOCALS~1Temp.nsis_filesWinSCP.exe" /ini=null /script="script.txt" /log="winscp_pictures.log" /loglevel=0 /parameter "C:Documents and SettingsAdministratorPictures" "09-06-2020-4:51:51_pictures" (5)文件行为 行为描述: 创建文件 详情信息: C:Documents and SettingsAdministratorLocal SettingsTempsi9.tmp C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesWinSCP.exe C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesscript.txt C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filessetup.exe C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmp C:Documents and SettingsAdministratorLocal SettingsTempsyA.tmpSystem.dll C:Documents and SettingsAdministratorApplication Datawinscp.rnd C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_appdata.log C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_onedrive.log C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_localappdata.log C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_documents.log C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_fileswinscp_pictures.log C:Documents and SettingsAdministratorLocal SettingsTemp.nsis_filesull (责任编辑:admin1) |