Start-up scripts & related

Article detailing the mechanisms of malware persistence by the use of scripts.
© PA Knowledge Ltd | 7Safe Training

Scripts simply contain instructions to do something. There are different types of scripts, for example batch scripts, Python scripts and PowerShell scripts, and each may need a particular program or operating system to run it. Scripts do not normally contain any malicious code, as this would be picked up by antivirus solutions. They may, however, contain instructions that are malicious! Scripts can be placed in any location on a computer and set to run either when the computer is booted or when a particular user logs in. They can also be run by a scheduled task, by another program, and so on. Scripts can be in a human-readable format, or they can be encoded.

Let’s look at a simple batch script below:

Snippet of batch script depicting legitimate commands with a nefarious command to execute malware.

There are essentially four parts to the batch script:

Line 1: Don’t write anything to stdout (the screen).

Line 2: Comments (all comments are ignored).

Line 3: Use the net use program to map a persistent share using a particular user account.

Line 4: Execute a batch file in the system32 folder.
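The line-by-line reading above can be automated when triaging a start-up script. The following is an added example, not code from the article: the sample script is constructed to mirror the four parts described, and the share, account and file names in it, as well as the function names, are assumptions made for illustration.

```python
import re

# Constructed sample mirroring the four parts the article describes; the
# share, account and file names are placeholders, not values from the article.
SAMPLE = r"""@echo off
REM Map the departmental share for this user
net use S: \\fileserver\share /user:EXAMPLE\jsmith /persistent:yes
C:\Windows\System32\helper.bat
"""

# (label, pattern, needs_review), checked in order; the first match wins.
RULES = [
    ("echo-off", re.compile(r"^@?echo\s+off\b", re.I), False),
    ("comment", re.compile(r"^(rem\b|::)", re.I), False),
    ("net-use", re.compile(r"^net(\.exe)?\s+use\b", re.I), True),
    ("launch", re.compile(
        r'^(call\s+|start\s+)?"?[^\s"]*\.(bat|cmd|exe|ps1|vbs|js)\b', re.I), True),
]

def classify(line):
    """Return (label, needs_review) for one line of a batch script."""
    text = line.strip()
    if not text:
        return ("blank", False)
    for label, pattern, review in RULES:
        if pattern.search(text):
            return (label, review)
    # Anything unrecognised is left for the analyst to read.
    return ("other", True)

def triage(script):
    """Return [(line_no, label, needs_review, text)] for each non-blank line."""
    findings = []
    for number, line in enumerate(script.splitlines(), 1):
        label, review = classify(line)
        if label != "blank":
            findings.append((number, label, review, line.strip()))
    return findings

if __name__ == "__main__":
    for number, label, review, text in triage(SAMPLE):
        print(f"{number:>3} {'REVIEW' if review else 'ok':6} {label:9} {text}")
```

Lines marked REVIEW are the ones an investigator follows up: the mapped share and account, and the file the script hands execution to.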

This article is from the free online course Introduction to Digital Forensics: Malware Analysis and Investigations, created by FutureLearn.