2014-02-01 - BIZCN GATE ACTOR FIESTA EK USES CVE-2013-0074 (SILVERLIGHT EXPLOIT)

PCAP AND MALWARE

UPDATE:

DETAILS

SNORT EVENTS ON 2014-02-01

ASSOCIATED DOMAINS

INFECTION CHAIN OF EVENTS

PRELIMINARY MALWARE ANALYSIS

File name:  EGMR19en.xap
File size:  5.1 KB ( 5212 bytes )
MD5 hash:  f3a69e3db600df458fc9b897697b1657
Virus Total link:  https://www.virustotal.com/en/file/0c4de8b76633caaf571bef1e72eb4310847f0f95d7dd12dec7997061ab25aa27/analysis/
Detection ratio:  1 / 50
First submitted:  2014-02-01 23:50:38 UTC
NOTE: Identified by F-Secure as CVE-2013-0074

File name:  flashplayer11_7r31015_316_win.exe
File size:  88.8 KB ( 90887 bytes )
MD5 hash:  590fbb20aaf46e1242dd642fc49cb117
Virus Total link:  https://www.virustotal.com/en/file/8d701cde9ba5734590c1932ab8b3394007b5a18d6acdf8d190267340e960cd90/analysis/
Detection ratio:  13 / 50
First submitted:  2014-02-01 16:02:41 UTC

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
