[2018-08-16] PseudoGate->GrandSoft->SmokeLoader->ZeusPanda

August 16, 2018

Overview

The SAZ file is 2018-08-16_10-22-37.saz.

(Analysis result using EKFiddle)

Malware

SmokeLoader

adcf1d2909fea4e4cf77f65511e88c507e033f6e3b6b2b4aebe5c39a0bbe34c1
[Hybrid-Analysis] [VirusTotal]

ZeusPanda

6e131928aee8964f5226cbe0a030f6a553f2a05dd21053e7b29663dbf28b016e
[Hybrid-Analysis] [VirusTotal]

Traffic-Chain

http[:]//pmconsultors.com
↓
[GrandSoft Exploit Kit][Checker]
http[:]//strain-requirements.compellingyz.xyz/fact
↓
[GrandSoft Exploit Kit][CVE-2018-8174]
http[:]//strain-requirements.compellingyz.xyz/getversoinpd/1/2/3/4
↓
[GrandSoft Exploit Kit][Malware Payload]
http[:]//strain-requirements.compellingyz.xyz/9/166921