Answer the question
In order to leave comments, you need to log in
A
A
Acroni2017-03-09 13:19:30
Acroni, 2017-03-09 13:19:30
What happens if you run the result of the malware (below) on a clean computer?
They dragged an infected flash drive, accidentally launched a shortcut with the contents of the path
C:\WINDOWS\system32\cmd.exe /c start ..\MozillaFirefox\GoogleChrome.exe /AutoIt3ExecuteScript ..\MozillaFirefox\GoogleChrome.a3x explorer "%" & ChrW(21+46) & String( ChrW(92-24) ) & String("%") & exitIs there any reason to fear that it could work on a clean computer without chrome and autoit installed with administrative rights and an ethernet connection to the Internet? What does the code above actually do? I will add that the shortcuts were transferred manually and launched already without a flash drive, that is, the question essentially relates exclusively to the code presented above - is it dangerous in itself?
The shortcut files themselves are less than a kilobyte, they are defined on virustotal as
1 answer(s)
@Ezhyg
E
Ezhyg, 2017-03-09 @Ezhyg
If the GoogleChrome.a3x script itself is not there , but there really was only a shortcut, then nothing will happen. Moreover, the malware should have been executed with a call to the fake GoogleChrome.exe browser , which for some reason was copied to the firelis folder.
Similar questions
M
S
L
ligisayan2015-07-30 10:59:59
How to remove a virus that blocked access to the site's admin panel?
3Reply
A
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question