supernova | App_Web_logoimagehandler[.]ashx[.]b6031896[.]dll

General

Target

App_Web_logoimagehandler.ashx.b6031896.dll
Size

7KB
MD5

56ceb6d0011d87b6e4d7023d7ef85676
SHA1

75af292f34789a1c782ea36c7127bf6106f595e8
SHA256

c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71
SHA512

f7eac6ab99fe45ca46417cdca36ba27560d5f8a2f37f378ba97636662595d55fa34f749716971aa96a862e37e0199eb6cb905636e6ab0123cfa089adba450629

Score

10^/10

Malware Config

Signatures

Detected SUPERNOVA .NET web shell 1 IoCs

SUPERNOVA is a .NET web shell backdoor masquerading as a legitimate SolarWinds web service handler. SUPERNOVA inspects and reponds to HTTP requests with the appropriate HTTP query strings, Cookies, and/or HTML form values (e.g. named codes, class, method, and args).

backdoor

resource	yara_rule
sample	family_supernova

Supernova family
supernova

Files

App_Web_logoimagehandler.ashx.b6031896.dll
.dll windows x86

Sharing

General

Malware Config

Signatures

Files

We care about your privacy.