Overview

overview

3

Static

static

1

Connections/wxbbs.vbs

windows7-x64

1

Connections/wxbbs.vbs

windows10-2004-x64

1

admin.asp

windows7-x64

3

admin.asp

windows10-2004-x64

3

askly.asp

windows7-x64

3

askly.asp

windows10-2004-x64

3

checkcode.vbs

windows7-x64

1

checkcode.vbs

windows10-2004-x64

1

default.asp

windows7-x64

3

default.asp

windows10-2004-x64

3

delly.asp

windows7-x64

3

delly.asp

windows10-2004-x64

3

face.htm

windows7-x64

1

face.htm

windows10-2004-x64

1

images/krId.js

windows7-x64

1

images/krId.js

windows10-2004-x64

1

lybook.asp

windows7-x64

3

lybook.asp

windows10-2004-x64

3

pass.asp

windows7-x64

3

pass.asp

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Connections/wxbbs.vbs

windows7-x64

1

Connections/wxbbs.vbs

windows10-2004-x64

1

admin.asp

windows7-x64

3

admin.asp

windows10-2004-x64

3

askly.asp

windows7-x64

3

askly.asp

windows10-2004-x64

3

checkcode.vbs

windows7-x64

1

checkcode.vbs

windows10-2004-x64

1

default.asp

windows7-x64

3

default.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-03-2024 12:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lybook.asp

  • Size

    10KB

  • MD5

    340b202d6aecfc61c05956b4e71f0671

  • SHA1

    3b610195bc155d830585726235752e73ae45261f

  • SHA256

    4030ed77f87a6d08747f3f5b62e996d3694e13215ed0e9a0953a6b7f54cf6a18

  • SHA512

    87d5949487aa4862016a3380db2fc590f0a6ddc2b1b51e64a1384d00baa5032975b480037b04188fdd029e1a777271e92cfbc3bcf4be020b0112265d99154ec9

  • SSDEEP

    96:I1lsm3yur1WV5+IC/hiwe1QZ0F+YjT8YbQvpjveFYpbIm53hlo7bS0pcqeKWSLpu:IlbEpd+lYX8JlXqnqDU9YPz+5g

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\lybook.asp
    1⤵
      PID:2032

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2032-21-0x0000000000310000-0x0000000000311000-memory.dmp

      Filesize

      4KB

      Download