[2018-08-16] PseudoGate->GrandSoft->SmokeLoader->ZeusPanda
Overview
The SAZ file is 2018-08-16_10-22-37.saz.
(Figure: analysis result using EKFiddle)
Malware
SmokeLoader
adcf1d2909fea4e4cf77f65511e88c507e033f6e3b6b2b4aebe5c39a0bbe34c1
[Hybrid-Analysis] [VirusTotal]
ZeusPanda
6e131928aee8964f5226cbe0a030f6a553f2a05dd21053e7b29663dbf28b016e
[Hybrid-Analysis] [VirusTotal]
Traffic-Chain
http[:]//pmconsultors.com
↓
[GrandSoft Exploit Kit][Checker]
http[:]//strain-requirements.compellingyz.xyz/fact
↓
[GrandSoft Exploit Kit][CVE-2018-8174]
http[:]//strain-requirements.compellingyz.xyz/getversoinpd/1/2/3/4
↓
[GrandSoft Exploit Kit][Malware Payload]
http[:]//strain-requirements.compellingyz.xyz/9/166921