i-got-a-virus

Catégorie: Forensic Difficulté: Facile Flag: -

Challenge

408KB

Description

We need to understand the capabilities of this malicious file. WARNING: THIS CHALLENGE CONTAINS REAL MALWARE AND SHOULD BE TESTED IN AN SANDBOX ENVIRONMENT the entire challenge is solvable using VirusTotal.

Solution

Ce challenge est une suite de questions, direction VirusTotal pour analyser le malware.

Q1. What is the SHA256 of the given file?

C'est écrit tout de suite après avoir upload le fichier, c'est grâce à ce hash que les fichiers sont associés entre eux sur VirusTotal

-> 4c1dc737915d76b7ce579abddaba74ead6fdb5b519a1ea45308b8c49b950655c

Q2. What is the malware family name?

-> petya

Q3. What type of malware is used for analysis?

-> trojan

Q4. Provide the creation date of the malicious file as presented in VirusTotal

Dans l'onglet Détail

-> 2016-01-30 02:56:43 UTC

Q5. What is the malicious IP which was marked as malicious used by the given malware sample?

Dans l'onglet Relation

-> 13.107.4.52

PrécédentForensic SuivantAlternating

Mis à jour il y a 1 an

hashtagChallenge

hashtagDescription

hashtagSolution

hashtagQ1. What is the SHA256 of the given file?

hashtagQ2. What is the malware family name?

hashtagQ3. What type of malware is used for analysis?

hashtagQ4. Provide the creation date of the malicious file as presented in VirusTotal

hashtagQ5. What is the malicious IP which was marked as malicious used by the given malware sample?