Executable files used by client
- Mark Zuk
Analytics
Here is a list of the executable files used by the GYTPOL client, along with their corresponding paths:
GYTPOL Client Executables:
C:\Program Files\WindowsPowerShell\Modules\gytpol\Client\fw4_6_2\GytpolClientFW4_6_2.exe
C:\Program Files\WindowsPowerShell\Modules\gytpol\Client\fw2\GytpolClientFW2.exe
C:\Program Files\WindowsPowerShell\Modules\gytpol\Client\fw4\GytpolClientFW4.exe
List of Executables Used by the GYTPOL Client During Scans:
C:\Windows\System32\explorer.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
c:\program files\windowspowershell\v1.0\gytpol\client\gytPSWrapper2.exe
c:\program files\windowspowershell\v1.0\gytpol\client\gytPSWrapper4.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\schtasks.exe
C:\Windows\System32\openfiles.exe
C:\Windows\System32\dism.exe
C:\Windows\System32\cmdkey.exe
C:\Windows\System32\gpresult.exe
C:\Windows\System32\Dism.exe
C:\Windows\System32\SecEdit.exe
C:\Windows\System32\cmd.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files (x86)\Google\Update\ChromeInstaller.exe
C:\Windows\System32\klist.exe
C:\Windows\System32\wevtutil.exe
C:\Windows\System32\inetsrv\appcmd.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\netsh.exe
C:\Windows\System32\manage-bde.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
<$javaPath>\bin\java.exe (replace "<$javaPath>" with the actual path to the Java executable)
C:\Windows\System32\msiexec.exe
C:\Windows\System32\net.exe
C:\Program Files (x86)\VMware\VMware Workstation\VMrun.exe
C:\Program Files (x86)\Oracle\VirtualBox\vboxmanage.exe
C:\Windows\SoftwareDistribution\EventCacheManager.exe
These executable files are used by the GYTPOL client to perform various tasks and scans on the system. It's important to have proper exclusions and whitelisting in place to ensure that the GYTPOL client can function without any disruptions caused by security software or policies.