Directory created: C:\Program Files\Electronic Team\Donglify\is-0DBU9.tmp
Directory created: C:\Program Files\Electronic Team\Donglify\is-66E1T.tmp
Directory created: C:\Program Files\Electronic Team\Donglify\is-6KMJ3.dat
Directory created: C:\Program Files\Electronic Team\Donglify\is-AG7LV.

Source: C:\Users\user\AppData\Local\Temp\is-ER85T.tmp\donglify.tmp
Directory created: C:\Program Files\Electronic Team
Directory created: C:\Program Files\Electronic Team\Donglify
Directory created: C:\Program Files\Electronic Team\Donglify\unins000.

Uses secure TLS version for HTTPS connections

Static PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, BYTES_REVERSED_LO, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, BYTES_REVERSED_HI, RELOCS_STRIPPED

tmp\donglify.tmp, ParentProcessId: 5516, ProcessCommandLine: 'C:\Windows\system32\netsh.exe' advfirewall firewall add rule name=Donglify_service dir=in action=allow program='C:\Program Files\Electronic Team\Donglify\donglify64.exe' enable=yes, ProcessId: 6576

exe' enable=yes, CommandLine: 'C:\Windows\system32\netsh.exe' advfirewall firewall add rule name=Donglify_service dir=in action=allow program='C:\Program Files\Electronic Team\Donglify\donglify64.exe' enable=yes, CommandLine|base64offset|contains: ijY, Image: C:\Windows\System32\netsh.exe, NewProcessName: C:\Windows\System32\netsh.exe, OriginalFileName: C:\Windows\System32\netsh.exe, ParentCommandLine: 'C:\Users\user\AppData\Local\Temp\is-ER85T.

Sigma detected: Netsh Port or Application Allowed
Author: Markus Neis, Sander Wiebing: Data: Command: 'C:\Windows\system32\netsh.exe' advfirewall firewall add rule name=Donglify_service dir=in action=allow program='C:\Program Files\Electronic Team\Donglify\donglify64.