Open Oil3 opened 10 months ago
SberSwapInference.ipynb
What is this code, trying to pretend it's a PNG, hiding with base64 inside that file?
This is not cool at all.
http://www.hybrid-analysis.com/sample/7306e3871ed7f8d5cd5366755fb4407960706215c5925be05d231403a96f5700
It passed from suspicious 40% threat to malicious 80% when I told the sandbox to open a web browser.
The base64 got me curious. 97% of the file size is base64 that's not a PNG despite saying it's a PNG.
What is it? I suspect the sandbox to be racist with anything sounding Slavic.
grep png SberSwapInference.ipynb | cut -d "\"" -f 4 | base64 -d > file.png
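
An added example, not from this thread or the repository: a Python check that reads a notebook as JSON, decodes every `image/png` payload in cell outputs and attachments without rendering it, and tests for the PNG signature and IHDR chunk. The function names and the sample notebook are constructed for illustration.

```python
import base64
import binascii
import json

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def looks_like_png(blob: bytes) -> bool:
    # A PNG starts with the 8-byte signature; its first chunk type (offset 12) is IHDR.
    return blob[:8] == PNG_SIG and blob[12:16] == b"IHDR"

def iter_png_payloads(nb: dict):
    """Yield (location, base64_text) for each image/png in outputs and attachments."""
    for i, cell in enumerate(nb.get("cells", [])):
        bundles = [(f"cell {i} output {j}", out.get("data", {}))
                   for j, out in enumerate(cell.get("outputs", []))]
        bundles += [(f"cell {i} attachment {name}", mime)
                    for name, mime in cell.get("attachments", {}).items()]
        for where, bundle in bundles:
            payload = bundle.get("image/png")
            if payload is not None:
                # nbformat stores the value as one string or as a list of lines.
                yield where, "".join(payload) if isinstance(payload, list) else payload

def audit_notebook(text: str) -> list:
    """Report, per payload, its share of the file and whether it decodes to a PNG."""
    report = []
    for where, b64 in iter_png_payloads(json.loads(text)):
        try:
            blob = base64.b64decode(b64)
        except binascii.Error:
            blob = b""  # not valid base64 at all
        report.append({"where": where,
                       "share_of_file": round(len(b64) / len(text), 3),
                       "decoded_bytes": len(blob),
                       "first_bytes": blob[:8].hex(),
                       "is_png": looks_like_png(blob)})
    return report

# Constructed sample: one payload with a PNG header, one mislabelled payload.
_png_header = PNG_SIG + b"\x00\x00\x00\rIHDR" + bytes(13)
_outputs = [{"output_type": "display_data",
             "data": {"image/png": base64.b64encode(p).decode()}}
            for p in (_png_header, b"not a png " * 8)]
SAMPLE = json.dumps({"nbformat": 4,
                     "cells": [{"cell_type": "code", "outputs": _outputs}]})

if __name__ == "__main__":
    for row in audit_notebook(SAMPLE):
        print(row)
```
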