af34d8c481365f9294211cce933169efae24ae059ac580fdf6f9fea1058568de | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
09/01/2024, 06:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

笔趣阁.exe
Size

1.3MB
MD5

e65d4112e0d3a134c362cd17e083ccdd
SHA1

640e1a4d91e5fb3260ce03f25fb28be3aca45fa1
SHA256

af34d8c481365f9294211cce933169efae24ae059ac580fdf6f9fea1058568de
SHA512

699988025e47b1dca98ea28128b017981dc367155c7440a607d9fedbd8c2ab031dd892c8525a986354066a83d159b74387a85ca087fa0764b1e14366daa4e0ec
SSDEEP

24576:mQ6cGwsw6jf0jPE99r9Gyz46VNQDtmQZ6aSZt+zTTkIHz91OGvcjQ5D4X7kyeFO:mxZZ0jSt9GyMONmX6Z+TkY91pWQ5D4XB

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\笔趣阁.exe
"C:\Users\Admin\AppData\Local\Temp\笔趣阁.exe"
1⤵
PID:356

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads