92efe7f06309bcb995960eff6619101de043c09f1ba8c7c68684d0a2f73ade27 | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 00:21

Sharing

Report Analysis Logs

General

Target

无名小说连载系统 v1.0/admin/caidan.asp
Size

4KB
MD5

6b2ad6d0955a1164aebd7b571dbf0891
SHA1

e124d7f0f272ebc457eed698ae0b273314cdaf2a
SHA256

bc88bd5526f1a3756b687fdbaad1d4e2226bf6c949449371fcfe3a379009b340
SHA512

e44ed533539efac1b0da7668b496d7e93c6ad9d20b069a46f2b3e4b28ddf82c0c9e0c33c95afef80b2c5ea591a5cb2c00ee33e2cc30c6225915699d158a334c8
SSDEEP

96:ZKAK55PZKJJKrqkPpcJVBJKrqITpcJVBJKrq5CpcJVJkJKrq4xTpcJVBJKrqEOSt:QZcGLpcJVulpcJVu9pcJV9fZpcJVuBPt

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\无名小说连载系统 v1.0\admin\caidan.asp"
1⤵
PID:2252

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2252-21-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download