Overview

overview

8

Static

static

8

FastVerCode.dll

windows7-x64

1

FastVerCode.dll

windows10-2004-x64

3

ICSharpCod...ib.dll

windows7-x64

1

ICSharpCod...ib.dll

windows10-2004-x64

1

Interop.ADODB.dll

windows7-x64

1

Interop.ADODB.dll

windows10-2004-x64

1

Interop.ADOX.dll

windows7-x64

1

Interop.ADOX.dll

windows10-2004-x64

1

Interop.ADQX.dll

windows7-x64

8

Interop.ADQX.dll

windows10-2004-x64

8

Interop.ADQX64.dll

windows7-x64

1

Interop.ADQX64.dll

windows10-2004-x64

1

Interop.JPO.dll

windows7-x64

1

Interop.JPO.dll

windows10-2004-x64

3

Interop.JRO.dll

windows7-x64

1

Interop.JRO.dll

windows10-2004-x64

1

QQռ...��.exe

windows7-x64

8

QQռ...��.exe

windows10-2004-x64

8

UUWiseHelper.dll

windows7-x64

1

UUWiseHelper.dll

windows10-2004-x64

3

dl.dll

windows7-x64

1

dl.dll

windows10-2004-x64

1

edithtm/in...�.html

windows7-x64

1

edithtm/in...�.html

windows10-2004-x64

1

edithtm/in...x.html

windows7-x64

1

edithtm/in...x.html

windows10-2004-x64

1

edithtm/js...on.asp

windows7-x64

3

edithtm/js...on.asp

windows10-2004-x64

3

edithtm/js....1.jar

windows7-x64

1

edithtm/js....1.jar

windows10-2004-x64

1

edithtm/js....4.jar

windows7-x64

1

edithtm/js....4.jar

windows10-2004-x64

1

Analysis

  • max time kernel
    29s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2022 18:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edithtm/jsp/file_manager_json.asp

  • Size

    4KB

  • MD5

    bd631547ab8fb1ab0044ae21755e0df4

  • SHA1

    7a31655196baec72ac4bdce1f1b8c5cffe213c6a

  • SHA256

    7fe4e95368dfcf900b11eed60421b077f42f3d77bf9d6113cc3416b0ed8e9bd0

  • SHA512

    d57790523d43630e511fe040aa775630c36bd0dc299c20fde84ec7c767950ac20ee47bb19d74d7e1b9aa28c97b0e18ad014106ed5a53ed7955f286aa4c8e4144

  • SSDEEP

    96:KpqmIJtIs4JzTlvUSCCrH9zBxhq6KMw9ToAp/U0jfXaIBE50zn5574zVqz4g74zV:KsvIsElvUSHd9bnKMw2ApM0zaIBE50rW

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\edithtm\jsp\file_manager_json.asp
    1⤵
      PID:1880

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1880-54-0x000007FEFC481000-0x000007FEFC483000-memory.dmp

      Filesize

      8KB

      Download