ed1494d0ba1a40d8d96966c62bea2ffc257a2637ff74819b9e8c09a5e38a6eec | Triage

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 00:59

Sharing

Report Analysis Logs

General

Target

Qspace2.0_src/WebUI/AddressBook/AddressPub.asp
Size

2KB
MD5

e029138e7b153b731fe34f8dc0c692ca
SHA1

54b4a2831709b933a90e39bc92b13d7d624786db
SHA256

708a129e81c14164977af6ac0abf1832320a3eab65d9438f9d3aa1ddc21c42b8
SHA512

d4e11227fe3ec61691136ef42ba5c1ee32725b81dee327906d734fd343d779c860176ded07ba33929705f1684014b8779d744945b7e7226d2d7f6dfca3a672b3

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Qspace2.0_src\WebUI\AddressBook\AddressPub.asp
1⤵
PID:2680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2680-25-0x00000000002D0000-0x00000000002D1000-memory.dmp

Filesize
4KB

Download