c0cdae58d0254366b1f7b12ecfae1cc568df15d646e0a5398277b18412904102 | Triage

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 21:43

Sharing

Report Analysis Logs

General

Target

shangdu2.0.2sql/admin/admin_wrong.asp
Size

1KB
MD5

e196d93615adf338a9298af618c8c80e
SHA1

65b42ea2e90763f23228c49ec3fb1a7100115dc6
SHA256

e112ea15a1e5f335457424033b2358b98484f975f7e5ad7b4980dda1391bd3ba
SHA512

88b811fe81a6c7e61587e2b2e6dedfbc0ed6170a488f9d80485d99b6db0783d0b8b65652a53144196ed62f069935a2cf1651bd88751f6dac8d1c0b389435bc19

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\shangdu2.0.2sql\admin\admin_wrong.asp
1⤵
PID:2500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2500-21-0x00000000021F0000-0x00000000021F1000-memory.dmp

Filesize
4KB

Download