32 lines
411 B
Markdown
32 lines
411 B
Markdown
## Qprocess.exe
|
|
|
|
* Functions: Credentials
|
|
|
|
```
|
|
qprocess /SERVER:RemoteServer
|
|
```
|
|
|
|
Acknowledgements:
|
|
* Rahmat Nurfauzi - @infosecn1nja
|
|
|
|
Code sample:
|
|
*
|
|
|
|
Resources:
|
|
* https://twitter.com/infosecn1nja/status/987268926139592706
|
|
|
|
Full path:
|
|
```
|
|
c:\windows\system32\Qprocess.exe
|
|
```
|
|
|
|
Notes:
|
|
Some specific details about the binary file.
|
|
|
|
|
|
Detection:
|
|
Details about detection.
|
|
IOC, Behaviour , User Agents etc
|
|
|
|
|