|
|
文件名称:
RF下载器.exe
MD5: e57ef9868e08869084671c1ef947a987
文件类型: EXE
上传时间: 2021-06-28 14:37:38
出品公司: N/A
版本: N/A
壳或编译器信息: COMPILER:Elan
关键行为
行为描述: 设置特殊文件夹属性
详情信息:
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改注册表_UAC关键设置
详情信息:
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA
行为描述: 获取窗口截图信息
详情信息:
Foreground window Info: HWND = 0x00010014, DC = 0x0c0101e7.
行为描述: 在桌面创建文件
详情信息:
C:\Documents and Settings\Administrator\桌面\RF.exe
行为描述: 获取TickCount值
详情信息:
TickCount = 297468, SleepMilliseconds = 60000.
TickCount = 297484, SleepMilliseconds = 60000.
TickCount = 297578, SleepMilliseconds = 60000.
TickCount = 297625, SleepMilliseconds = 60000.
TickCount = 297640, SleepMilliseconds = 60000.
TickCount = 297765, SleepMilliseconds = 60000.
TickCount = 297796, SleepMilliseconds = 60000.
TickCount = 297812, SleepMilliseconds = 60000.
TickCount = 299859, SleepMilliseconds = 60000.
TickCount = 299890, SleepMilliseconds = 60000.
TickCount = 240218, SleepMilliseconds = 250.
|
|
[复制链接]
雷达卡
发表于 2021-6-28 14:42
显身卡