|
WriteConsoleW
|
buffer:
Stop-Process : Cannot find a process with the name "RegSvcs". Verify the proces
console_handle:
0x00000023
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
s name and call the cmdlet again.
console_handle:
0x0000002f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.t
console_handle:
0x0000003b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
xt.ps1:1 char:73
console_handle:
0x00000047
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ "RegSvcs", "mshta", "wscript", "msbuild" | ForEach-Object { Stop-Process <<<<
console_handle:
0x00000053
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-Name $_ -Force }
console_handle:
0x0000005f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (RegSvcs:String) [Stop-Process],
console_handle:
0x0000006b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ProcessCommandException
console_handle:
0x00000077
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : NoProcessFoundForGivenName,Microsoft.PowerShell.
console_handle:
0x00000083
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Commands.StopProcessCommand
console_handle:
0x0000008f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Stop-Process : Cannot find a process with the name "mshta". Verify the process
console_handle:
0x000000af
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
name and call the cmdlet again.
console_handle:
0x000000bb
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.t
console_handle:
0x000000c7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
xt.ps1:1 char:73
console_handle:
0x000000d3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ "RegSvcs", "mshta", "wscript", "msbuild" | ForEach-Object { Stop-Process <<<<
console_handle:
0x000000df
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-Name $_ -Force }
console_handle:
0x000000eb
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (mshta:String) [Stop-Process], P
console_handle:
0x000000f7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
rocessCommandException
console_handle:
0x00000103
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : NoProcessFoundForGivenName,Microsoft.PowerShell.
console_handle:
0x0000010f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Commands.StopProcessCommand
console_handle:
0x0000011b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Stop-Process : Cannot find a process with the name "wscript". Verify the proces
console_handle:
0x0000013b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
s name and call the cmdlet again.
console_handle:
0x00000147
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.t
console_handle:
0x00000153
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
xt.ps1:1 char:73
console_handle:
0x0000015f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ "RegSvcs", "mshta", "wscript", "msbuild" | ForEach-Object { Stop-Process <<<<
console_handle:
0x0000016b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-Name $_ -Force }
console_handle:
0x00000177
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (wscript:String) [Stop-Process],
console_handle:
0x00000183
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ProcessCommandException
console_handle:
0x0000018f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : NoProcessFoundForGivenName,Microsoft.PowerShell.
console_handle:
0x0000019b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Commands.StopProcessCommand
console_handle:
0x000001a7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Stop-Process : Cannot find a process with the name "msbuild". Verify the proces
console_handle:
0x000001c7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
s name and call the cmdlet again.
console_handle:
0x000001d3
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.t
console_handle:
0x000001df
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
xt.ps1:1 char:73
console_handle:
0x000001eb
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ "RegSvcs", "mshta", "wscript", "msbuild" | ForEach-Object { Stop-Process <<<<
console_handle:
0x000001f7
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
-Name $_ -Force }
console_handle:
0x00000203
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (msbuild:String) [Stop-Process],
console_handle:
0x0000020f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
ProcessCommandException
console_handle:
0x0000021b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : NoProcessFoundForGivenName,Microsoft.PowerShell.
console_handle:
0x00000227
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Commands.StopProcessCommand
console_handle:
0x00000233
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Directory: C:\ProgramData
console_handle:
0x00000253
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Mode LastWriteTime Length Name
console_handle:
0x0000025f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
d---- 2023-10-06 오후 1:26 MINGALIES
console_handle:
0x00000267
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
Invoke-Expression : The "=" operator is missing after a named argument.
console_handle:
0x00000023
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.t
console_handle:
0x0000002f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
xt.ps1:44 char:11
console_handle:
0x0000003b
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ $lulli | . <<<< ('{1}{°°°°°}'.replace('°°°°°','0')-f'!','I').replac
console_handle:
0x00000047
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
e('!','ex')
console_handle:
0x00000053
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ParserError: (:) [Invoke-Expression], ParseExcep
console_handle:
0x0000005f
|
1
|
1 |
0
|
|
WriteConsoleW
|
buffer:
tion
console_handle:
0x0000006b
|
1
|
1 |
0
|
d9e1c3_0ec2df3125b34e10ad269f8b3dd4e71d.txt.ps1