- https://any.run/report/9f43dee732113b895e5fbbbd504a8df269a30a6e7991c1868ec300abb7d328af/ad4e5874-be79-497b-ada9-51c9ef27b649
- schtasks.exe /create /tn "SearchProtocolHost" /sc ONLOGON /tr "'C:\ProgramData\Documents\SearchProtocolHost.exe'" /rl HIGHEST /f
- https://any.run/report/81fa712681bb086e3a25d2ee78e5c40c7d5b494526978c8cf5e813afd08ddddb/5bd18b62-e000-4123-a307-65bb0e79e09b
- schtasks.exe /create /tn "KybfAlCxBt" /tr "C:\\Users\\admin\\AppData\\Roaming\\bhPOgJpGyu\\KybfAlCxBt.exe.pif C:\\Users\\admin\\AppData\\Roaming\\bhPOgJpGyu\\G" /sc onstart /F /RU SYSTEM
- https://any.run/report/3b4e9d9fdb7262f1f62072f7f9b7d48086fcb39b3343b21ae7bfa8f633ee2166/162224d2-8ce1-45fe-be66-ce2079469c3d
- "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN ytouk.exe /TR "C:\Users\admin\AppData\Local\Temp\cdfc44d951\ytouk.exe" /F
- https://any.run/report/215a0c4e4f3afb524eceb0d3b9cf425ab020900754bf53b5676508215b5dce14/88c7740a-8334-4482-a28d-f609d0549b53
- "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ZcnAese" /XML "C:\Users\admin\AppData\Local\Temp\tmp4C88.tmp"
- https://any.run/report/708cf8c498731e0e0f42cf670fbdf0eb157657a2bdb84a7285742d0492f5592b/03848712-1eff-403e-8ef5-33631186c367
- "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\kqrLYJipYzkfF" /XML "C:\Users\admin\AppData\Local\Temp\tmp82DF.tmp"
posted @
2022-03-20 17:31
bonelee
阅读(
79)
评论()
编辑
收藏
举报
