Overview

overview

3

Static

static

1

可创工�...-1.asp

windows7-x64

3

可创工�...-1.asp

windows10-2004-x64

可创工�...-2.asp

windows7-x64

3

可创工�...-2.asp

windows10-2004-x64

3

可创工�...-3.asp

windows7-x64

3

可创工�...-3.asp

windows10-2004-x64

3

可创工�...1.html

windows7-x64

1

可创工�...1.html

windows10-2004-x64

1

可创工�...-1.asp

windows7-x64

3

可创工�...-1.asp

windows10-2004-x64

3

可创工�...-2.asp

windows7-x64

3

可创工�...-2.asp

windows10-2004-x64

1

可创工�...-3.asp

windows7-x64

1

可创工�...-3.asp

windows10-2004-x64

3

可创工�...-1.asp

windows7-x64

3

可创工�...-1.asp

windows10-2004-x64

3

可创工�...-2.asp

windows7-x64

1

可创工�...-2.asp

windows10-2004-x64

1

可创工�...-3.asp

windows7-x64

3

可创工�...-3.asp

windows10-2004-x64

3

可创工�...ok.vbs

windows7-x64

1

可创工�...ok.vbs

windows10-2004-x64

1

可创工�...ob.asp

windows7-x64

3

可创工�...ob.asp

windows10-2004-x64

3

可创工�...ve.vbs

windows7-x64

1

可创工�...ve.vbs

windows10-2004-x64

1

可创工�...ow.vbs

windows7-x64

1

可创工�...ow.vbs

windows10-2004-x64

1

可创工�...ss.vbs

windows7-x64

1

可创工�...ss.vbs

windows10-2004-x64

1

可创工�...s1.vbs

windows7-x64

1

可创工�...s1.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    可创工作室 v2.0/AcceptJob.asp

  • Size

    13KB

  • MD5

    f1e21b8b768e41792d82e87b612571e6

  • SHA1

    f8c33a98bc1a7983bf26d589b34727242b07c35d

  • SHA256

    8b3a3c28081151f0eb7906390443ad59a92154ef405ac280d0d46dd3260e2f0f

  • SHA512

    ed32c5121cacb9bb42a535c79386cc982f265f62fecbb49b95b268fa88fed72905b43bd6e8573d0e327ecdcd83842b874c4edf35a23786470d0c5a27c555533c

  • SSDEEP

    192:3oGvnZRnFH56SvMmaagm3A1LmgOmG9g0ac8g:37f/aJ5jOH

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\可创工作室 v2.0\AcceptJob.asp"
    1⤵
      PID:1456

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1456-21-0x0000000000410000-0x0000000000411000-memory.dmp

      Filesize

      4KB

      Download