Windows Analysis Report
stroop-master.zip

Overview

Sample name:	stroop-master.zip
Analysis ID:	1430585
MD5:	5127dd7dec482d81ea1d10be3d7c31d1
SHA1:	11c57fe7eee4518cce026962ee42aedfd4b4fc03
SHA256:	b31580e55640ffde6967ba13303b4207bb49242dba5168e695a530ce26a032ff
Infos:

Errors No process behavior to analyse as no analysis process or sample was found

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for submitted file

Yara signature match

AV Detection

Source: stroop-master.zip

ReversingLabs: Detection: 32%

System Summary

Source: stroop-master.zip, type: SAMPLE	Matched rule: Web Shell - file simple-backdoor.php Author: Florian Roth
Source: stroop-master.zip, type: SAMPLE	Matched rule: PHP Webshells Github Archive - file Simple_PHP_backdoor_by_DK.php Author: Florian Roth

Source: stroop-master.zip, type: SAMPLE	Matched rule: webshell_simple_backdoor date = 2014/01/28, author = Florian Roth, description = Web Shell - file simple-backdoor.php, score = f091d1b9274c881f8e41b2f96e6b9936
Source: stroop-master.zip, type: SAMPLE	Matched rule: WebShell_Simple_PHP_backdoor_by_DK author = Florian Roth, description = PHP Webshells Github Archive - file Simple_PHP_backdoor_by_DK.php, hash = 03f6215548ed370bec0332199be7c4f68105274e

Source: classification engine

Classification label: mal56.winZIP@0/0@0/0

Source: stroop-master.zip

ReversingLabs: Detection: 32%

Hide Legend

Legend:

⊘No contacted IP infos

ID:	1430585
Product:	CloudBasic
Start time:	22:48:08
Start date:	23.04.2024
Sample:	stroop-master.zip
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	5127dd7dec482d81ea1d10be3d7c31d1
SHA1:	11c57fe7eee4518cce026962ee42aedfd4b4fc03
SHA256:	b31580e55640ffde6967ba13303b4207bb49242dba5168e695a530ce26a032ff