Malware
Acroni, 2017-03-09 13:19:30

What happens if you run the result of the malware (below) on a clean computer?

They dragged in an infected flash drive and accidentally launched a shortcut with the following target path:

C:\WINDOWS\system32\cmd.exe /c start ..\MozillaFirefox\GoogleChrome.exe  /AutoIt3ExecuteScript  ..\MozillaFirefox\GoogleChrome.a3x explorer  "%" & ChrW(21+46) & String( ChrW(92-24) ) & String("%")  & exit

Is there any reason to fear that it could work on a clean computer, without Chrome and AutoIt installed, with administrative rights and an Ethernet connection to the Internet? What does the code above actually do? I will add that the shortcuts were transferred manually and launched without the flash drive, so the question relates exclusively to the code presented above: is it dangerous in itself?
The shortcut files themselves are less than a kilobyte; they are detected on VirusTotal as
[screenshot: 95a3c959607c457eb3a2ee42e96a0115.PNG]

1 answer(s)
Ezhyg, 2017-03-09
@Ezhyg

If the GoogleChrome.a3x script itself is not there, but there really was only a shortcut, then nothing will happen. Moreover, the malware was supposed to be executed through a call to the fake GoogleChrome.exe browser, which for some reason was copied into the Firefox folder.
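
On the question of what the obfuscated tail of the command line amounts to: the sketch below is an added example, not part of the original posts, and statically evaluates that fragment without running anything from the drive. It assumes the text between `explorer` and `& exit` is read as an AutoIt string expression; the names `tokenize`, `deobfuscate` and `SHORTCUT_EXPR` are this example's own.

```python
import re

# Subset of AutoIt expression syntax seen in the shortcut; anything else is rejected.
TOKEN = re.compile(r'\s*("[^"]*"|\d+|ChrW\b|String\b|[&+\-()])', re.I)

def tokenize(expr):
    toks, pos, expr = [], 0, expr.strip()
    while pos < len(expr):
        m = TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"unsupported syntax at offset {pos}")
        toks.append(m.group(1))
        pos = m.end()
    return toks + [None]  # None marks end of input

def deobfuscate(expr):
    toks, i = tokenize(expr), 0
    def take(expected=None):
        nonlocal i
        tok = toks[i]
        if tok is None or (expected and tok != expected):
            raise ValueError(f"unexpected token {tok!r}")
        i += 1
        return tok
    def atom():  # string/integer literal, or a ChrW(...)/String(...) call
        tok = take()
        if tok[0] == '"' or tok.isdigit():
            return tok[1:-1] if tok[0] == '"' else int(tok)
        if tok.lower() not in ("chrw", "string"):
            raise ValueError(f"unexpected token {tok!r}")
        take("(")
        arg = concat()
        take(")")
        return chr(int(arg)) if tok.lower() == "chrw" else str(arg)
    def arith():  # integer + and -, which bind tighter than &
        left = atom()
        while toks[i] in ("+", "-"):
            left = int(left) + (1 if take() == "+" else -1) * int(atom())
        return left
    def concat():  # & joins its operands as strings
        left = arith()
        while toks[i] == "&" and take():
            left = str(left) + str(arith())
        return left
    result = concat()
    if toks[i] is not None:
        raise ValueError(f"trailing token {toks[i]!r}")
    return str(result)

# Expression fragment copied from the shortcut target quoted in the question.
SHORTCUT_EXPR = '"%" & ChrW(21+46) & String( ChrW(92-24) ) & String("%")'
```

For the fragment in the question, `deobfuscate(SHORTCUT_EXPR)` returns `%CD%`, the variable that cmd.exe expands to the current directory.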