From a16428b6ff392aded220b339cb397da836286ac5 Mon Sep 17 00:00:00 2001
From: Victor Gracia Engutia
Date: Sat, 12 Jul 2025 21:19:31 +0200
Subject: [PATCH] Respuesta a incidentes files
---
.../Practica4/sample-strings-analysis.txt | 217 ++++++++++++++++++
1 file changed, 217 insertions(+)
create mode 100644 RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
diff --git a/RespuestaAIncidentes/Practica4/sample-strings-analysis.txt b/RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
new file mode 100644
index 0000000..9612936
--- /dev/null
+++ b/RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
@@ -0,0 +1,217 @@
+
+Strings v2.54 - Search for ANSI and Unicode strings in binary images.
+Copyright (C) 1999-2021 Mark Russinovich
+Sysinternals - www.sysinternals.com
+
+!This program cannot be run in DOS mode.
+`.rdata
+@.data
+u9hlq@
+~6h s@
+t)h@R@
+AWinUpdater.exe
+RSDS#Z
+C:\Users\User\source\repos\ConsoleApplication1\Release\ConsoleApplication1.pdb
+.text$mn
+.idata$5
+.00cfg
+.CRT$XCA
+.CRT$XCAA
+.CRT$XCZ
+.CRT$XIA
+.CRT$XIAA
+.CRT$XIAC
+.CRT$XIZ
+.CRT$XPA
+.CRT$XPZ
+.CRT$XTA
+.CRT$XTZ
+.rdata
+.rdata$voltmd
+.rdata$zzzdbg
+.rtc$IAA
+.rtc$IZZ
+.rtc$TAA
+.rtc$TZZ
+.xdata$x
+.idata$2
+.idata$3
+.idata$4
+.idata$6
+.rsrc$01
+.rsrc$02
+ShellExecuteA
+SHELL32.dll
+CreateFileA
+WriteFile
+GetTempPathA
+CloseHandle
+ReleaseMutex
+ExitProcess
+CreateThread
+TerminateThread
+GetTickCount
+Wow64DisableWow64FsRedirection
+ExpandEnvironmentStringsA
+DeleteFileA
+GetCommandLineA
+GetLastError
+CreateMutexA
+GetSystemDirectoryA
+GetVersionExA
+Wow64RevertWow64FsRedirection
+GetModuleFileNameA
+CopyFileA
+KERNEL32.dll
+RegCloseKey
+RegCreateKeyExA
+RegDeleteValueA
+RegQueryValueExA
+RegSetValueExA
+api-ms-win-core-registry-l1-1-0.dll
+WS2_32.dll
+InternetOpenA
+InternetCloseHandle
+InternetOpenUrlA
+InternetReadFile
+InternetGetConnectedState
+WININET.dll
+GetUserNameA
+ADVAPI32.dll
+memcpy
+memset
+strstr
+__current_exception
+__current_exception_context
+_except_handler4_common
+VCRUNTIME140.dll
+strcat
+strcmp
+strcpy
+strlen
+strncpy
+__acrt_iob_func
+__stdio_common_vfprintf
+__stdio_common_vsprintf
+malloc
+strtok
+toupper
+strncmp
+_time64
+_seh_filter_exe
+_set_app_type
+__setusermatherr
+_configure_narrow_argv
+_initialize_narrow_environment
+_get_initial_narrow_environment
+_initterm
+_initterm_e
+_set_fmode
+__p___argc
+__p___argv
+_cexit
+_c_exit
+_register_thread_local_exe_atexit_callback
+_configthreadlocale
+_set_new_mode
+__p__commode
+_initialize_onexit_table
+_register_onexit_function
+_crt_atexit
+_controlfp_s
+terminate
+api-ms-win-crt-string-l1-1-0.dll
+api-ms-win-crt-stdio-l1-1-0.dll
+api-ms-win-crt-heap-l1-1-0.dll
+api-ms-win-crt-convert-l1-1-0.dll
+api-ms-win-crt-utility-l1-1-0.dll
+api-ms-win-crt-time-l1-1-0.dll
+api-ms-win-crt-runtime-l1-1-0.dll
+api-ms-win-crt-math-l1-1-0.dll
+api-ms-win-crt-locale-l1-1-0.dll
+QueryPerformanceCounter
+GetCurrentProcessId
+GetCurrentThreadId
+GetSystemTimeAsFileTime
+InitializeSListHead
+IsDebuggerPresent
+UnhandledExceptionFilter
+SetUnhandledExceptionFilter
+IsProcessorFeaturePresent
+GetModuleHandleW
+GetCurrentProcess
+TerminateProcess
+rm.bat
+@echo off
+:start
+if not exist "%s" goto done
+del "%s"
+goto start
+del "%s"
+NOTICE %s :%s
+thread %d (%s) killed
+Liberando ParamsThreads[%d][%d] = %p
+Todo bien liberado
+Error creating file
+Mozilla/4.0
+Error InternetOpen
+Error InternetOpenUrl
+File downloaded to: %s size: %lu bytes, Speed: %.2f KB/s
+SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
+Win32Driver
+[-] Error al crear socket.
+[-] No se pudo resolver el host: %s
+[-] Fall
+ la conexi
+n a %s:%d
+[+] Conexi
+n establecida con %s:%d
+%d.%d.%d.%d
+couldn't resolve host
+NICK %s
+USER %s x.com x :x
+PONG %s
+JOIN #SevenKingsMustDie Stiorra
+PRIVMSG
+Uhtred Ragnarsson
+?dontuseme
+threads
+%d: %s %s
+ (trying to kill)
+%PROCESSOR_IDENTIFIER%
+Windows %s. uptime: %dd %dh %dm. cpu %iMHz. online: %dd %dh %dm. User: %s. IP: %s Host: %s. CPU: %s.
+killthread
+?disconnect
+execute
+delete
+webfind64
+Download
+socks4
+socks4
+Error GetModuleFileNameA: %lu
+Error GetSystemDirectoryA: %lu
+SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
+Win32Driver
+Win32Driver
+qwer%s
+Unknown
+NT 3.51
+NT 4.0
+%s [%s]
+InternetBotConection
+unknown
+qertwetdsfvsdqeqasdasdasd.com
+could not open port
+Socks4 server waiting for connections
+abcdefghijklmnopqrstuvwxyz
+Uptime: %dd %dh %dm | CPU: %u
+
+
+
+
+
+
+
+
+
+