d087be4d206419916853f276abf31b32b7a2ecb7d0c2c66f023b0ed08dbb0ca5 | Triage

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 00:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

传名网络我的编程笔记 v2004/admin/ClassAddBig.asp
Size

2KB
MD5

4b483d88a384512ccb08f68321aa3ef2
SHA1

35b0888c13e6511e2e2b127780a80891ecb98ddf
SHA256

d05020db7c5abcac6bac79cfad47805229d7c79b8e52bbe7c6fc8252452fb9ec
SHA512

007cb559a35ce0dec8d37c365d71004b52801c36228789f3391884f7d05d6770e77fe31d1095443ce327f5117e5350fd33c6b12ec53b7f3344fd0dcc502145b0

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\传名网络我的编程笔记 v2004\admin\ClassAddBig.asp"
1⤵
PID:1648

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1648-21-0x0000000002270000-0x0000000002271000-memory.dmp

Filesize
4KB

Download