e1a525ca6c580cc66483273410ffe4cee6f226f6bb2034a667b1bbe6982eea74 | Triage

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
10/07/2024, 14:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

终点小说连载系统圈圈美化版/Search.asp
Size

4KB
MD5

ab056b5ad0a50ac3fd573650ebf8af80
SHA1

e9e21bb8151c0ebd4845d10d01996e7a32bd02d9
SHA256

34dc02cab29ac10365f1929db4d4d38aee692e487fba41fe3f539695040b0727
SHA512

7fe03f28edc61a13beaf35d23838a72c4b77f61e8540d8fdd515ed82fe396795ebaa8f08d64e2663d0282a9aafce6f7c2a5895267c4e7835caf93a322c7bc4fc
SSDEEP

48:+Jkb2ezXVzdysdTtYoMK30AhLnsuYitskfysdTtYj1MvT/rLGblLnsuYQgts0JLc:TbTfKoMahbsJ+sMfKj1MzPGZbsJbs+xW

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\终点小说连载系统圈圈美化版\Search.asp"
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2072-21-0x0000000002270000-0x0000000002271000-memory.dmp

Filesize
4KB

Download