{"id":512,"date":"2009-04-23T22:41:26","date_gmt":"2009-04-24T02:41:26","guid":{"rendered":"http:\/\/arielantigua.com\/weblog\/?p=512"},"modified":"2009-04-23T22:41:26","modified_gmt":"2009-04-24T02:41:26","slug":"confiker-en-mi-usb","status":"publish","type":"post","link":"https:\/\/arielantigua.com\/weblog\/2009\/04\/confiker-en-mi-usb\/","title":{"rendered":"Confiker en mi USB ?"},"content":{"rendered":"<p>Si&#8230; al parecer mi Memoria USB fue victima de Confiker, no se cual variante pero definitivamente es este gusano&#8230; por suerte me percate a tiempo y conecte la memoria en mi Mac Mini donde encuentro el archivo responsable de infectar la PC y el .exe que me imagino es el gusano&#8230;.<\/p>\n<blockquote><p>mini:\/Volumes\/ARIEL&#8217;S USB ariel$ more autorun.inf<br \/>\n[autorun]<br \/>\nopen=CONFIG\\S-1-5-21-1482476501-1644491937-682003330-1013\\usr.exe<br \/>\nicon=%SystemRoot%\\system32\\SHELL32.dll,4<br \/>\naction=Open folder to view files<br \/>\nshell\\open=Open<br \/>\nshell\\open\\command=CONFIG\\S-1-5-21-1482476501-1644491937-682003330-1013\\usr.exe<br \/>\nshell\\open\\default=1<br \/>\nmini:\/Volumes\/ARIEL&#8217;S USB ariel$<\/p><\/blockquote>\n<blockquote><p>mini:\/Volumes\/ARIEL&#8217;S USB ariel$ cd CONFIG\/<br \/>\nmini:\/Volumes\/ARIEL&#8217;S USB\/CONFIG ariel$ ls<br \/>\nS-1-5-21-1482476501-1644491937-682003330-1013<br \/>\nmini:\/Volumes\/ARIEL&#8217;S USB\/CONFIG ariel$ cd S-1-5-21-1482476501-1644491937-682003330-1013\/<br \/>\nmini:\/Volumes\/ARIEL&#8217;S USB\/CONFIG\/S-1-5-21-1482476501-1644491937-682003330-1013 ariel$ ls<br \/>\nDesktop.ini\u00a0\u00a0\u00a0\u00a0 usr.exe<br \/>\nmini:\/Volumes\/ARIEL&#8217;S USB\/CONFIG\/S-1-5-21-1482476501-1644491937-682003330-1013 ariel$<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Si&#8230; al parecer mi Memoria USB fue victima de Confiker, no se cual variante pero definitivamente es este gusano&#8230; por suerte me percate a tiempo y conecte la memoria en mi Mac Mini donde encuentro el archivo responsable de infectar la PC y el .exe que me imagino es el gusano&#8230;. mini:\/Volumes\/ARIEL&#8217;S USB ariel$ more [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-512","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/posts\/512","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/comments?post=512"}],"version-history":[{"count":0,"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/posts\/512\/revisions"}],"wp:attachment":[{"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/media?parent=512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/categories?post=512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/arielantigua.com\/weblog\/wp-json\/wp\/v2\/tags?post=512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}