[2018-02-09] Slots->GrandSoft->Miner
Overview
The SAZ file is 2018-02-09_20-05-18.saz
(↓Analysis result using EKFiddle)
Malware
Coin Miner
d140b77968545f38f0db6732b333fa224035ad1815a3e3aaeda576c7f8a1a7be
[Hybrid-Analysis] [VirusTotal]
Traffic-Chain
[Slots]
http[:]//theslotmachina.bid/camp2?source={zoneid}&cost={cost}
↓
[GrandSoft][Landing Page]
http[:]//dart.wyn-fyctunnelswc.xyz/godly-prepconstructing
↓
[GrandSoft][CVE-2016-0189]
http[:]//dart.wyn-fyctunnelswc.xyz/getversionpd/null/18A0A0A160/null/null