SHA256: ac9212e0ed7efbff1f63bc5338722819dc78a3bf79de73b2dbfc41a8ef2df163
File name: PO0015012081-1-0.exe
Detection ratio: 7 / 56
Analysis date: 2015-12-02 08:18:59 UTC ( 34 minutes ago )
https://www.virustotal.com/en/fi ... 8ef2df163/analysis/
I couldn't make sense of it...
2015/12/2 16:53:42,C:\Windows\explorer.exe,53,Allowed ;Execution of an application ("C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe" )
2015/12/2 16:53:48,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,47,Allowed ;Creating alternate data stream (C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe:Zone.Identifier)
2015/12/2 16:53:53,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,53,Allowed ;Execution of an application ("C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe" /AutoIt3ExecuteScript C:\Users\AAAAA\AppData\Local\Temp\lol.bin)
2015/12/2 16:53:55,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,47,Allowed ;Creating alternate data stream (C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe:Zone.Identifier)
2015/12/2 16:53:57,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,53,Allowed ;Execution of an application ("C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe")
2015/12/2 16:53:59,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,50,Allowed ;Accessing the network via DNSResolver service
2015/12/2 16:54:00,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,48,Allowed ;Outgoing network access
2015/12/2 16:54:05,C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe,53,Allowed ;Execution of an application (C:\windows\system32\cmd.exe /c ""C:\Users\AAAAA\AppData\Local\Temp\63684765.bat" "C:\Users\AAAAA\Desktop\1111\PO0015012081-1-0.exe" ")