af4eb7a351bfd9efbb1d8660595e75e318f4a6e54f147a437a09d598c71796f8 | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 14:22

Sharing

Report Analysis Logs

General

Target

可创工作室 v2.0/2-1.asp
Size

10KB
MD5

95a0d24638fb7101db78cdbaf1647c08
SHA1

7ede4b13ad3931b59d8786cca99fb5db5fdc3350
SHA256

4accc45ae4bf450d02f246d0e7a02d2c32e6e1072bdb77027f675789e121861b
SHA512

025d89270a5a82b3321de283e1effdd8b983b06dd0d3085d68a3a25a860966e9c1b56d8cf3dfc0c68535a1e75a9d3bd70daa6799853eae43a287cf9725cdb01a
SSDEEP

192:eGvnZRnBH56IWBIqahCHM/WwcLcnGz14IjgOmG9g0acIg:5fjqWCs/FcLUEcjOL

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\可创工作室 v2.0\2-1.asp"
1⤵
PID:1996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-21-0x0000000000310000-0x0000000000311000-memory.dmp

Filesize
4KB

Download