Behavioral task: behavioral1
Sample: 41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb.pdf
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: 41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb.pdf
Resource: win10v2004-20220414-en

General
Target: 41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb
Size: 482KB
MD5: 5755dce255abb114e6d626d9b30e0fa4
SHA1: af5ce62bfcff9a88b20be403e22b24aac40f3f5f
SHA256: 41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb
SHA512: e2e9d9b1280ebf0365b1b2fc4efd7036e18b6113527ceea4b3ad4e26f74683111be8965f1e1a119634bc1668c7548c322c6998bb06effc640300812e837549fb
SSDEEP: 12288:HDVuchwjr4+3APJ2+TT2sjfrcUFesaiwZcpF0KvWYH7r7O3Re:HDIchgr4+3p+TTnzQUYZcAKr/7ARe

Malware Config
Signatures
Files
-
41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb.pdf