Respuesta a incidentes files
217
RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
Normal file
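--- a/RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
+++ b/RespuestaAIncidentes/Practica4/sample-strings-analysis.txt
@@ -0,0 +1,217 @@
+
+Strings v2.54 - Search for ANSI and Unicode strings in binary images.
+Copyright (C) 1999-2021 Mark Russinovich
+Sysinternals - www.sysinternals.com
+
+!This program cannot be run in DOS mode.
+`.rdata
+@.data
+u9hlq@
+~6h s@
+t)h@R@
+AWinUpdater.exe
+RSDS#Z
+C:\Users\User\source\repos\ConsoleApplication1\Release\ConsoleApplication1.pdb
+.text$mn
+.idata$5
+.00cfg
+.CRT$XCA
+.CRT$XCAA
+.CRT$XCZ
+.CRT$XIA
+.CRT$XIAA
+.CRT$XIAC
+.CRT$XIZ
+.CRT$XPA
+.CRT$XPZ
+.CRT$XTA
+.CRT$XTZ
+.rdata
+.rdata$voltmd
+.rdata$zzzdbg
+.rtc$IAA
+.rtc$IZZ
+.rtc$TAA
+.rtc$TZZ
+.xdata$x
+.idata$2
+.idata$3
+.idata$4
+.idata$6
+.rsrc$01
+.rsrc$02
+ShellExecuteA
+SHELL32.dll
+CreateFileA
+WriteFile
+GetTempPathA
+CloseHandle
+ReleaseMutex
+ExitProcess
+CreateThread
+TerminateThread
+GetTickCount
+Wow64DisableWow64FsRedirection
+ExpandEnvironmentStringsA
+DeleteFileA
+GetCommandLineA
+GetLastError
+CreateMutexA
+GetSystemDirectoryA
+GetVersionExA
+Wow64RevertWow64FsRedirection
+GetModuleFileNameA
+CopyFileA
+KERNEL32.dll
+RegCloseKey
+RegCreateKeyExA
+RegDeleteValueA
+RegQueryValueExA
+RegSetValueExA
+api-ms-win-core-registry-l1-1-0.dll
+WS2_32.dll
+InternetOpenA
+InternetCloseHandle
+InternetOpenUrlA
+InternetReadFile
+InternetGetConnectedState
+WININET.dll
+GetUserNameA
+ADVAPI32.dll
+memcpy
+memset
+strstr
+__current_exception
+__current_exception_context
+_except_handler4_common
+VCRUNTIME140.dll
+strcat
+strcmp
+strcpy
+strlen
+strncpy
+__acrt_iob_func
+__stdio_common_vfprintf
+__stdio_common_vsprintf
+malloc
+strtok
+toupper
+strncmp
+_time64
+_seh_filter_exe
+_set_app_type
+__setusermatherr
+_configure_narrow_argv
+_initialize_narrow_environment
+_get_initial_narrow_environment
+_initterm
+_initterm_e
+_set_fmode
+__p___argc
+__p___argv
+_cexit
+_c_exit
+_register_thread_local_exe_atexit_callback
+_configthreadlocale
+_set_new_mode
+__p__commode
+_initialize_onexit_table
+_register_onexit_function
+_crt_atexit
+_controlfp_s
+terminate
+api-ms-win-crt-string-l1-1-0.dll
+api-ms-win-crt-stdio-l1-1-0.dll
+api-ms-win-crt-heap-l1-1-0.dll
+api-ms-win-crt-convert-l1-1-0.dll
+api-ms-win-crt-utility-l1-1-0.dll
+api-ms-win-crt-time-l1-1-0.dll
+api-ms-win-crt-runtime-l1-1-0.dll
+api-ms-win-crt-math-l1-1-0.dll
+api-ms-win-crt-locale-l1-1-0.dll
+QueryPerformanceCounter
+GetCurrentProcessId
+GetCurrentThreadId
+GetSystemTimeAsFileTime
+InitializeSListHead
+IsDebuggerPresent
+UnhandledExceptionFilter
+SetUnhandledExceptionFilter
+IsProcessorFeaturePresent
+GetModuleHandleW
+GetCurrentProcess
+TerminateProcess
+rm.bat
+@echo off
+:start
+if not exist "%s" goto done
+del "%s"
+goto start
+del "%s"
+NOTICE %s :%s
+thread %d (%s) killed
+Liberando ParamsThreads[%d][%d] = %p
+Todo bien liberado
+Error creating file
+Mozilla/4.0
+Error InternetOpen
+Error InternetOpenUrl
+File downloaded to: %s size: %lu bytes, Speed: %.2f KB/s
+SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
+Win32Driver
+[-] Error al crear socket.
+[-] No se pudo resolver el host: %s
+[-] Fall
+la conexi
+n a %s:%d
+[+] Conexi
+n establecida con %s:%d
+%d.%d.%d.%d
+couldn't resolve host
+NICK %s
+USER %s x.com x :x
+PONG %s
+JOIN #SevenKingsMustDie Stiorra
+PRIVMSG
+Uhtred Ragnarsson
+?dontuseme
+threads
+%d: %s %s
+(trying to kill)
+%PROCESSOR_IDENTIFIER%
+Windows %s. uptime: %dd %dh %dm. cpu %iMHz. online: %dd %dh %dm. User: %s. IP: %s Host: %s. CPU: %s.
+killthread
+?disconnect
+execute
+delete
+webfind64
+Download
+socks4
+socks4
+Error GetModuleFileNameA: %lu
+Error GetSystemDirectoryA: %lu
+SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
+Win32Driver
+Win32Driver
+qwer%s
+Unknown
+NT 3.51
+NT 4.0
+%s [%s]
+InternetBotConection
+unknown
+qertwetdsfvsdqeqasdasdasd.com
+could not open port
+Socks4 server waiting for connections
+abcdefghijklmnopqrstuvwxyz
+Uptime: %dd %dh %dm | CPU: %u
+<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
+<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
+<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
+<security>
+<requestedPrivileges>
+<requestedExecutionLevel level='asInvoker' uiAccess='false' />
+</requestedPrivileges>
+</security>
+</trustInfo>
+</assembly>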
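Review bot: The dump is committed as raw Strings v2.54 output with nothing identifying the binary it was taken from, so the indicators in it cannot be tied back to a specific sample later. A companion note, or a header ahead of the tool banner, such as `# sample: <file name> | SHA-256: <hash of the analysed sample> | tool: Strings v2.54`, would close that gap. The strings that matter for detection are buried among CRT and import names: the `SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce` path next to `Win32Driver`, `InternetBotConection`, the IRC verbs (`NICK`, `USER`, `JOIN`, `PRIVMSG`), `socks4` and `rm.bat`; a few summary lines naming them would make the file usable for triage. In any write-up that quotes the host name, write it defanged as `qertwetdsfvsdqeqasdasdasd[.]com`, leaving the raw tool output untouched. That `Win32Driver` is the RunOnce value name and `InternetBotConection` the mutex name is only inferred from string adjacency and the `RegSetValueExA`/`CreateMutexA` imports, so mark both as unconfirmed until checked in a disassembler.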