The file masquerades as a standard video file ( .mp4 ) to evade casual observation. However, upon execution in the sandbox environment, it exhibits classic malware behavior by attempting to establish persistence and calling home to a suspicious IP address.
To progress in the task and climb the "Pyramid of Pain," you should take the following actions in the simulation: septMeetii1mp4
Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238 . The file masquerades as a standard video file (
To give you a "solid report," here is the forensic breakdown of that file based on the PicoSecure sandbox analysis within the simulation. Category Details File Name septMeetii1.mp4 MD5 Hash e1d5f9920d3674697920409a8ec3f898 Status Malicious Behavior To give you a "solid report," here is
Drops a secondary payload and communicates with an external Command & Control (C2) server.
Go to the Manage Hashes tab and add e1d5f9920d3674697920409a8ec3f898 to the blocklist.