搜索

[15536] 2020-06-26_PoulightStealer:来自俄罗斯的窃密恶意软件

文档创建者:s7ckTeam
浏览次数:31
最后更新:2025-01-18
2020-06-26_PoulightStealer:来自俄罗斯的窃密恶意软件 P o u l i g h t   S t e a l e r A v e n g e r   F r e e B u f   2 0 2 0 - 0 6 - 2 6   P o u l i g h t   S t e a l e r     A z o r u l t A g e n t   T e s l a     H a w k e y e P o u l i g h t     3   M a l w a r e B y t e s   I O C   8 e f 7 b 9 8 e 2 f c 1 2 9 f 5 9 d d 8 f 2 3 d 3 2 4 d f 1 f 9 2 2 7 7 f c c 1 6 d a 3 6 2 9 1 8 6 5 5 a 1 1 1 5 c 7 4 a b 9 5 P o u l i g h t   S t e a l e r P o u l i g h t   S t e a l e r s s d e e p 1 5 3 6 : G J v 5 M c K m d n r c 4 T X N G x 1 v Z D 8 q l C G r U Z 5 B x 5 M 9 D 7 w O H U N 4 Z K N J H : G J e u n o M X N Q C + E 5 B / M u O 0 O g t   . N E T   S e l e c t   *   f r o m   W i n 3 2 _ C o m p u t e r S y s t e m 使   W M I   v m w a r e V I R T U A L V i r t u a l B o x s b i e d l l . d l l   ( S a n d b o x i e ) s n x h k . d l l   ( A v a s t   s a n d b o x ) S x I n . d l l   ( A v a s t   s a n d b o x ) S f 2 . d l l   ( A v a s t   S a n d b o x )   A l - K h a s e r     P e f i s h   S t a r t e r
S t a r t e r g l o b a l : : B u f f e r . S t a r t ( )   W i n d o w s   A p p D a t a L o c a l   A p p D a t a P e r s o n a l D e s k t o p S t r i n g 0   b a s e 6 4   % T E M P % X S I n f o r m a t i o n . S t a r t ( ) < s e t t i n g s > P H B y b 2 c u c G F y Y W 1 z P l l X U n R h V z Q 9 f E 1 R P T 1 8 T U E 9 P T w v c H J v Z y 5 w Y X J h b X M + P H R p d G x l P l V H O T F i R 2 x u Y U h R P T w v d G l 0 b G U + P G N w Z G F 0 Y T 5 N S H d 3 Z k R F e V E w N T F T M n R M U 3 p G N F R F W n Z U V G x R T l R o N l Y x a H J S V X h O Z U R G N U 5 U R j Z O b G w 4 T V R K R F R u V k x h M H R M T V h o T V J t O U 5 P V k E x T 0 h w W F d H d E Z U R T E 0 T V h r M U 1 Y b z J X W H d 3 P C 9 j c G R h d G E + P H V s Z m l s Z T 5 h S F I w Y 0 R v d k w z S j F M W F Z w W k M w M U 1 E Y 3 p O V E k 1 T W p B d W N I Q X V j b l V 2 W l h o a G J Y Q n N a U z V s Z U d V P T w v d W x m a W x l P j x t d X R l e D 5 Q T D J k N H Z G R W d W Y l F k Z G R k a 2 1 z M F p o U W l J M E k 8 L 2 1 1 d G V 4 P g = =   b a s e 6 4   < p r o g . p a r a m s > Y W R t a W 4 = | M Q = = | M A = = < / p r o g . p a r a m s > < t i t l e > U G 9 1 b G l n a H Q = < / t i t l e > < c p d a t a > M H w w f D E y Q 0 5 1 S 2 t L S z F 4 T E Z v T T l Q N T h 6 V 1 h r R U x N e D F 5 N T F 6 N l l 8 M T J D T n V L a 0 t L M X h M R * * N O V A 1 O H p X W G t F T E 1 4 M X k 1 M X o 2 W X w w         p r o g . p a r a m s H a n d l e r P a r a m s . S t a r t ( ) A n t i R e p l a y S e n d e r . C h e c k R e p l a y S t a r t ( )
使   1   c l i p p e r 使 c p d a t a   A E S   c l b a s e c l b a s e C B o a r d . s t a r t F i l e z i l l a   P i d g i n   D i s c o r d   T e l e g r a m
S k y p e S t e a m C h r o m e D F i l e s c o n n e c t   C & C   u l f i l e P o u l i g h t   S t e a l e r   I O C 8 e f 7 b 9 8 e 2 f c 1 2 9 f 5 9 d d 8 f 2 3 d 3 2 4 d f 1 f 9 2 2 7 7 f c c 1 6 d a 3 6 2 9 1 8 6 5 5 a 1 1 1 5 c 7 4 a b 9 5 h t t p / / f f f [ . g e a r h o s t p r e v i e w [ . c o m / A R M B o t h t t p [ : / / u 4 3 6 9 2 2 1 0 a [ . h a 0 0 3 . t . j u s t n s [ . r u / [ h t t p : / / p o u l l i g h t [ . r u / ] ( h t t p s : / / w w w . f r e e b u f . c o m / ) Y a r a i m p o r t   " p e " r u l e   P o u l i g h t _ S t e a l e r _ M a y _ 2 0 2 0   { m e t a :
Y o r o i * A v e n g e r     F r e e B u f . C O M             d e s c r i p t i o n   =   " Y a r a   r u l e   f o r   P o u l i g h t   S t e a l e r "             h a s h   =   " 8 e f 7 b 9 8 e 2 f c 1 2 9 f 5 9 d d 8 f 2 3 d 3 2 4 d f 1 f 9 2 2 7 7 f c c 1 6 d a 3 6 2 9 1 8 6 5 5 a 1 1 1 5 c 7 4 a b 9 5 "             a u t h o r   =   " C y b a z e   -   Y o r o i     Z L a b "             l a s t _ u p d a t e d   =   " 2 0 2 0 - 0 5 - 0 7 "             t l p   =   " w h i t e "             c a t e g o r y   =   " i n f o r m a t i o n a l " s t r i n g s :         $ s 1   =   " h t t p / / f f f . g e a r h o s t p r e v i e w . c o m / A R M B o t "   a s c i i         $ s 2   =   " W B c G 9 1 b G x p Z 2 h 0 L h t t p : / / p o u l l i g h t . r u / k e y s . t x t "   a s c i i           $ s 3   =   " P o u l l i g h t . e x e "         $ s 4   =   " w a l l e t s w a l l e t . d a t "   w i d e   a s c i i         $ s 5   =   " = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = "   w i d e   a s c i i         $ s 6   =   { 2 F   7 B   0 0   3 0   0 0   7 D   0 0   3 C   0 0   6 3   0 0   6 C   0 0   6 2   0 0   6 1                 0 0   7 3   0 0   6 5   0 0   3 E   0 0   7 B   0 0   ? ?   0 0   7 D   0 0   3 C   0 0   2 F                 0 0   6 3   0 0   6 C   0 0   6 2   0 0   6 1   0 0   7 3   0 0   6 5   0 0   3 E   0 0 } $ s 7   =   " S e l e c t   *   f r o m   W i n 3 2 _ C o m p u t e r S y s t e m "   w i d e   a s c i i c o n d i t i o n :         u i n t 1 6 ( 0 )   = =   0 x 5 A 4 D   a n d   a l l   o f   t h e m }
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理