Overview

overview

7

Static

static

7

wwwroot/GetCode.asp

windows7-x64

3

wwwroot/GetCode.asp

windows10-2004-x64

3

wwwroot/bottom.asp

windows7-x64

3

wwwroot/bottom.asp

windows10-2004-x64

3

wwwroot/ch...pe.asp

windows7-x64

3

wwwroot/ch...pe.asp

windows10-2004-x64

3

wwwroot/ch...te.asp

windows7-x64

3

wwwroot/ch...te.asp

windows10-2004-x64

3

wwwroot/client.asp

windows7-x64

3

wwwroot/client.asp

windows10-2004-x64

3

wwwroot/crm/1.html

windows7-x64

3

wwwroot/crm/1.html

windows10-2004-x64

3

wwwroot/cr...er.asp

windows7-x64

3

wwwroot/cr...er.asp

windows10-2004-x64

3

wwwroot/cr...nt.asp

windows7-x64

3

wwwroot/cr...nt.asp

windows10-2004-x64

3

wwwroot/cr...xe.asp

windows7-x64

3

wwwroot/cr...xe.asp

windows10-2004-x64

3

wwwroot/cr...st.asp

windows7-x64

3

wwwroot/cr...st.asp

windows10-2004-x64

3

wwwroot/cr...nd.asp

windows7-x64

3

wwwroot/cr...nd.asp

windows10-2004-x64

3

wwwroot/cr...se.vbs

windows7-x64

1

wwwroot/cr...se.vbs

windows10-2004-x64

1

wwwroot/cr...ig.asp

windows7-x64

3

wwwroot/cr...ig.asp

windows10-2004-x64

3

wwwroot/cr.../i.vbs

windows7-x64

1

wwwroot/cr.../i.vbs

windows10-2004-x64

1

wwwroot/cr...ss.vbs

windows7-x64

1

wwwroot/cr...ss.vbs

windows10-2004-x64

1

wwwroot/cr...ad.vbs

windows7-x64

1

wwwroot/cr...ad.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    13-08-2024 20:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    wwwroot/crm/HtmlEditor/Asp/config.asp

  • Size

    3KB

  • MD5

    bd0ac321b74f944dc667e2918ec01545

  • SHA1

    ef1da35eaf8c836cd943a180e251ef9eea52b63c

  • SHA256

    30bc15892b2624c7718d70997ce124c0d731cfb15901a91c230fa2cd3ebc5169

  • SHA512

    7d975d3e877eca31d534be68ba107b570ca63aa85cc34190740029715988e25c31c77edaef4d582c1f748c6b794cacc9df987088687567e0f7b3862938c7e5ba

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\wwwroot\crm\HtmlEditor\Asp\config.asp
    1⤵
      PID:1452

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1452-21-0x00000000002D0000-0x00000000002D1000-memory.dmp

      Filesize

      4KB

      Download