This post was last edited by lsop1349987 on 2025-7-22 21:16
emsi, Avira (free edition), avast, drweb (without firewall), 金山毒霸 (Kingsoft Antivirus), 360, McAfee and 趋势 (Trend Micro) consumer edition: double-click, miss; the sample displays "data uploaded successfully". hmpa: double-click, kill.
emsi EDR log:

msedge.exe
Behavior AI (EDR) determined a severity of 'Notable' based on the following observed behavior patterns:
- Browser execution in headless mode (MITRE T1105)

app_runtime.exe
Behavior AI (EDR) determined a severity of 'Notable' based on the following observed behavior patterns:
- Browser execution in headless mode (MITRE T1105)
- PowerShell with unsecure execution policy (MITRE T1059.001)
- Non-interactive PowerShell (MITRE T1059.001)
- Connection to commonly abused Top Level Domain (MITRE T1566, T1203, T1204.002)

It also logged access to suspicious IPs, file creation and similar records.
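Added example, not code from the post or from Emsisoft: a small Python re-implementation of the four behaviour patterns named in the EDR log above, run over constructed process-creation and network records. The browser list, the "commonly abused" TLD list, the PowerShell prefix-matching rules, the one-level child-to-parent attribution (which is what makes app_runtime.exe inherit msedge.exe's headless finding in the log) and the "any pattern means Notable" severity are all assumptions made for the example.

```python
"""Heuristic detection of the behaviour patterns listed in the EDR log (added example).
Not Emsisoft's rules: thresholds, lists and attribution logic below are assumptions."""
import ntpath
from collections import defaultdict

BROWSERS = {"msedge.exe", "chrome.exe", "chromium.exe", "brave.exe"}   # assumption
POWERSHELL = {"powershell.exe", "pwsh.exe"}
ABUSED_TLDS = {"top", "xyz", "tk", "click", "icu"}                      # constructed list
UNSAFE_POLICIES = {"bypass", "unrestricted"}

# Constructed sample telemetry (not from the post): one process tree plus two outbound connections.
PROCESSES = [
    {"pid": 100, "ppid": 1,   "image": "C:\\Windows\\explorer.exe", "cmdline": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": "C:\\Users\\u\\app_runtime.exe", "cmdline": "app_runtime.exe"},
    {"pid": 300, "ppid": 200, "image": "C:\\Program Files\\Edge\\msedge.exe",
     "cmdline": "msedge.exe --headless=new --disable-gpu https://example.com"},
    {"pid": 400, "ppid": 200, "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "cmdline": 'powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Bypass -WindowStyle Hidden -Command "Get-Date"'},
    {"pid": 500, "ppid": 100, "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "cmdline": "powershell.exe"},   # interactive console, should stay clean
]
CONNECTIONS = [
    {"pid": 200, "host": "telemetry.example.top"},   # constructed host on an abused TLD
    {"pid": 100, "host": "www.example.com"},
]


def _ps_param(token, name, min_len):
    """powershell.exe accepts unambiguous prefixes of parameter names (-noni == -NonInteractive)."""
    if not token.startswith("-"):
        return False
    body = token.lstrip("-").lower()
    return len(body) >= min_len and name.startswith(body)


def parse_powershell_flags(tokens):
    """Security-relevant switches on a powershell.exe command line (prefix rules are assumptions)."""
    flags = set()
    for i, tok in enumerate(tokens):
        nxt = tokens[i + 1].lower() if i + 1 < len(tokens) else ""
        body = tok.lstrip("-").lower()
        if (_ps_param(tok, "executionpolicy", 2) or body == "ep") and nxt in UNSAFE_POLICIES:
            flags.add("unsafe_execution_policy")
        if _ps_param(tok, "noninteractive", 4):
            flags.add("noninteractive")
        if _ps_param(tok, "encodedcommand", 1) or body == "ec":
            flags.add("encoded")
        if _ps_param(tok, "windowstyle", 1) and nxt == "hidden":
            flags.add("hidden")
    return flags


def process_patterns(proc):
    """Patterns derived from a single process-creation record."""
    image = ntpath.basename(proc["image"]).lower()
    tokens = proc["cmdline"].split()
    found = []
    if image in BROWSERS and any(t.lower().startswith("--headless") for t in tokens):
        found.append(("Browser execution in headless mode", "T1105"))
    if image in POWERSHELL:
        flags = parse_powershell_flags(tokens)
        if "unsafe_execution_policy" in flags:
            found.append(("PowerShell with unsecure execution policy", "T1059.001"))
        if flags & {"noninteractive", "encoded", "hidden"}:
            found.append(("Non-interactive PowerShell", "T1059.001"))
    return found


def connection_patterns(conn):
    """Patterns derived from a single outbound-connection record."""
    tld = conn["host"].rstrip(".").rsplit(".", 1)[-1].lower()
    if tld in ABUSED_TLDS:
        return [("Connection to commonly abused Top Level Domain", "T1566, T1203, T1204.002")]
    return []


def analyze(processes, connections):
    """Map pid -> {image, patterns}. A child's process patterns are also attributed to the
    process that spawned it (one level up; assumption), network patterns stay with their pid."""
    by_pid = {p["pid"]: p for p in processes}
    findings = defaultdict(list)
    for p in processes:
        for f in process_patterns(p):
            findings[p["pid"]].append(f)
            if p["ppid"] in by_pid and f not in findings[p["ppid"]]:
                findings[p["ppid"]].append(f)
    for c in connections:
        if c["pid"] not in by_pid:
            continue
        for f in connection_patterns(c):
            if f not in findings[c["pid"]]:
                findings[c["pid"]].append(f)
    return {pid: {"image": ntpath.basename(by_pid[pid]["image"]), "patterns": fs}
            for pid, fs in findings.items() if fs}


def report(results):
    """Render findings in the same shape as the log quoted above (any pattern -> 'Notable'; assumption)."""
    lines = []
    for pid, r in results.items():
        lines.append(f"{r['image']} (pid {pid})")
        lines.append("Severity 'Notable' based on the following observed behavior patterns:")
        lines.extend(f"  - {name} (MITRE {tech})" for name, tech in r["patterns"])
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(analyze(PROCESSES, CONNECTIONS)))
```

With the constructed records, msedge.exe gets the headless finding, the hidden PowerShell gets both PowerShell findings, and app_runtime.exe collects all four patterns in the same order as the log above, while explorer.exe and the interactive console produce nothing.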