f3f473afb1c126c40a62f1c2cc2f0bdb7dc9395732012bcdd68bac9e7db071bc | Triage

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
18/01/2024, 01:26

Sharing

Report Analysis Logs

General

Target

北方俱乐部/admin/admin_cfg.asp
Size

892B
MD5

b9261d35fadb5358a2cab827a2c96b52
SHA1

80d0e0f5ab7429211a21cba6eac3304f1963af41
SHA256

4f933ba86ae7cdf805aeb16fd39d238a59ca44cacdb1017bdc53fb93984bdb36
SHA512

e1c0d3bf903ee03a98a48a2b26e26ce62d7eb862cde2018dcb6c1b21349adf48a10571d1ab32dcfe265ba2cec87aa30d7fb016f0d10790740172c89e9f72d2c2

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\北方俱乐部\admin\admin_cfg.asp
1⤵
PID:2360

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2360-21-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download