21dde331f8e67267a53e8a7d4bd4b9c4b86ec3a3760a87e2a454f5a690a70969 | Triage

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
03-07-2024 16:13

Sharing

Report Analysis Logs

General

Target

ywsy/Delete/deletecomment.asp
Size

601B
MD5

561b7a0b42995aa1ae8a41d107f8a269
SHA1

48fe0f30ffbea8b39cfc0b67a131ef1f1443ab2e
SHA256

63c08dac351a7a71c6ba8038b215b77f7a37c3ada33f327bd060a902a18b1971
SHA512

0408cd1e51dde561b4df0913ac25774d9dacc3c3669566f1f994e8a7c43b3e437ba3b2a7da31a7f9d1fe1ec0edc0de3ccdc7585a244e400d5929f8d6aed3c4e1

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\ywsy\Delete\deletecomment.asp
1⤵
PID:1904

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1904-25-0x0000000002A00000-0x0000000002A01000-memory.dmp

Filesize
4KB

Download