MoVP 3.5: Analyzing the 2008 DFRWS Challenge with Volatility
Tags
| attack-pattern: | Data Bash History - T1552.003 Python - T1059.006 Software - T1592.002 Bash History - T1139 Brute Force - T1110 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 3eb63a0f-e7ca-4ac5-8d38-60e2c37a8eda |
| Fingerprint | 3330df920973a650 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 28, 2012, noon |
| Added to db | Jan. 18, 2023, 10:43 p.m. |
| Last updated | Nov. 15, 2024, 12:49 a.m. |
| Headline | Volatility Labs |
| Title | MoVP 3.5: Analyzing the 2008 DFRWS Challenge with Volatility |
| Detected Hints/Tags/Attributes | 40/1/20 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 89 | vol.py |
|
| Details | Domain | 1 | xfer.pl |
|
| Details | Domain | 29 | metasploit.com |
|
| Details | Domain | 8 | root.sh |
|
| Details | Domain | 13 | archive.zip |
|
| Details | Domain | 287 | yahoo.com |
|
| Details | File | 1 | crash_ps_args.txt |
|
| Details | File | 85 | vol.py |
|
| Details | File | 1 | linvm.txt |
|
| Details | File | 1 | linpsscan.txt |
|
| Details | File | 1 | xfer.pl |
|
| Details | File | 1 | acct_prem.xls |
|
| Details | File | 1 | domain.xls |
|
| Details | File | 1 | 4b.tar |
|
| Details | File | 14 | notes.txt |
|
| Details | File | 10 | archive.zip |
|
| Details | IPv4 | 1 | 219.93.175.67 |
|
| Details | IPv4 | 1 | 192.168.151.1 |
|
| Details | Url | 1 | http://metasploit.com/users/hdm/tools/xmodulepath.tgz |
|
| Details | Url | 1 | http://219.93.175.67:80 |