all InfoSec news
Suspicious batch file
May 1, 2023, 7:31 p.m. | /u/Fine_Conversation_91
cybersecurity www.reddit.com
​
Wondering if anyone has seen something like this:
​
File Name cmd.exe
File Path file:///C%3A/WINDOWS/system32/cmd.exe
Command Line Arguments C:\WINDOWS\system32\cmd.exe /Q /c echo cd ^> \\127.0.0.1\C$\__outputa 2^>^&1 > C:\WINDOWS\SXjBVUay.bat & C:\WINDOWS\system32\cmd.exe /Q /c C:\WINDOWS\SXjBVUay.bat & del C:\WINDOWS\SXjBVUay.bat
We see a lot of computers being flagged with this by Cisco enpoint protection but I cannot locate that file on the computers (probably cause it deletes itself).
​
Any help is appreciated.
amp bat batch cisco command command line computers cybersecurity echo file name path protection windows
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
19 hours ago |
www.reddit.com
State of WiFi Security in 2024
20 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
21 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)