Scribd Logo
Upload

Welcome to Scribd!

  • 6 views

    Remote Working

    Uploaded by

    Togrul Asgerli
    The document discusses analyzing a malware sample file uploaded to VirusTotal. It provides answers to questions about the file's creation date, detection name in Bitdefender, number of files dropped, SHA-256 hash of one dropped file, and URL visited to download spyware.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Remote Working

    Uploaded by

    Togrul Asgerli
    6 views4 pages
    The document discusses analyzing a malware sample file uploaded to VirusTotal. It provides answers to questions about the file's creation date, detection name in Bitdefender, number of files dropped, SHA-256 hash of one dropped file, and URL visited to download spyware.

    Original Description:

    Original Title

    Remote_Working

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses analyzing a malware sample file uploaded to VirusTotal. It provides answers to questions about the file's creation date, detection name in Bitdefender, number of files dropped, SHA-256 hash of one dropped file, and URL visited to download spyware.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    6 views4 pages

    Remote Working

    Uploaded by

    Togrul Asgerli
    The document discusses analyzing a malware sample file uploaded to VirusTotal. It provides answers to questions about the file's creation date, detection name in Bitdefender, number of files dropped, SHA-256 hash of one dropped file, and URL visited to download spyware.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    Remote Working

    STUDENT:TOGRUL ASGERLI
    INSTRUCTOR:IBRAHIM ALIYEV

    Firstly, download the file and unzip we could get .xls file.
    Then upload file to virus total website we can get more
    information about the malware .

    Let’s answer the questions.

    1)What is the date the file was created?


    Go to details section and through history tab we can get
    our answer.

    -2020-02-01 18:28:07

    2) With what name is the file detected by Bitdefender


    antivirus?
    Going to detection section and look at more details we
    can answer our question.

    -Trojan.GenericKD.36266294
    3)How many files are dropped on the disk?
    Going to relations section and looking to dropped files we
    can see 3 files dropped with this malware.

    -3
    4)What is the sha-256 hash of the file with emf extension
    it drops?
    In our previous question we can see A1E16AF5.emf file
    has emf extension and click to this file we can see
    sha-256 hash.

    979dde2aed02f077c16ae53546c6df9eed40e8386d6db6f
    c36aee9f966d2cb82
    5)What is the exact url to which the relevant file goes to
    download spyware?
    In relations section we can see to url which malware
    visited and second url contain .exe so it is used for file
    download.
    https://multiwaretecnologia.com.br/js/Podaliri4.exe

    You might also like