[2018-03-08] Bloodlust_Drive-by->Berbew

March 08, 2018

Overview

The SAZ file is 2018-03-08_14-10-15.saz

(Analysis result using EKFiddle)

Malware

Berbew

ed7100eb093e0921ee4c9bb3c1c8146f41019b7f1725978c51172611be469642
[Hybrid-Analysis] [VirusTotal]

Traffic-Chain

http[:]//bigbatterysaver.review/DtQjmT?cost=0.0020416&sub_id_1=5
↓
[Bloodlust_Drive-by]
http[:]//bestbettarysaver.win/?hop=a545a
↓
[Bloodlust_Drive-by][Landing Page]
https[:]//backends.bid/bp/index.php?0FHhCjiD2at9VV-OgMMx=5y-3ZTigg_RTGSyK26dF9VnRhsQwq0JqrlT4yVBnIl-mksDkxOMkRWFM
↓
[Bloodlust_Drive-by][Redirector]
http[:]//backends.bid/bp/f.php
↓
[Bloodlust_Drive-by][Malware Payload]
http[:]//backends.bid/bp/odt.dat