aa1da334fc56ebeb5f89a68edb3f061a83125fa83c47dc92947d1f6c9fc0058b | Triage

Analysis

max time kernel
122s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07-09-2024 22:47

Sharing

Report Analysis Logs

General

Target

海天在线.Net论坛系统 v1.0 正式版/admin_Sqlcommand.asp
Size

4KB
MD5

7dff61b3dba9f12fa0c06f5292efaf7f
SHA1

cbb072b0b345ecf3f67ab812b7fd2c8c9787f8f6
SHA256

16ccbb97b539f7a0130f7bac1b9a7194cdd6c76a989812494757c065f24f7aa3
SHA512

1cfc6ef9895f81f61cd99fafc41a88cab340d52daf1ff28a2eb0fee201fa42940911a0b2112e0e1460419d677feafe4cec5ea1f0499cbaa45a084383260bf970
SSDEEP

96:RizuEsmRFvolDDuWhUQyXxZzhZx6ZlKvs5e2lOxYV90/NDkIdqVM/9ZH9:Rii7zDaWhUQKxhhZx6ZlK6e2lOxYV90v

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\海天在线.Net论坛系统 v1.0 正式版\admin_Sqlcommand.asp"
1⤵
PID:2068

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2068-21-0x0000000001F70000-0x0000000001F71000-memory.dmp

Filesize
4KB

Download