4b0a70c1939c37c3ad908ff398ae8926e3974868b65e21780387c26d8dc4bbf0 | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11/01/2024, 04:56

Sharing

Report Analysis Logs

General

Target

第一设计平台全站程序 v4.0/Admin/Admin_ArticleComment.asp
Size

31KB
MD5

cefa9455455587bbc716cd5488f0ed52
SHA1

af03a930f293c58057aff5b1a1d023875e7cf840
SHA256

ce22311ae4fc19bab3394d963aa473e566773669ba64f12cc3ef78d852ece7c0
SHA512

377dc1ffa1321b795806cd9a963676b5bdd1bcea9129faf59d1160da29ba0a3b0eb10d626dde02b28e63ef21fb162c28edc0065c0a83f183a9069f94665c32af
SSDEEP

384:I7ouRRxxoXfALWrDIkzS/BTqXH6E24qrQdtfdDAXLAsfq4HVIg2Sav:zu4fmWrDIkzR3t27QtlUXLAALav

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\第一设计平台全站程序 v4.0\Admin\Admin_ArticleComment.asp"
1⤵
PID:2824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2824-21-0x0000000002370000-0x0000000002371000-memory.dmp

Filesize
4KB

Download