[2018-08-24] PseudoGate->GrandSoft->SmokeLoader->ZeusPanda
Overview
The SAZ file is 2018-08-24_23-00-57.saz.
(Figure: analysis result using EKFiddle)
Malware
SmokeLoader
8a12b9d27989b30e49aaf3d3b0d95b470e8ac7b5b236a9ce95e04b983509fd7c
[Hybrid-Analysis] [VirusTotal]
ZeusPanda
5c6b6d63d7bccc2f8c1b8633b85ebd3a4f8818cf872aeca02869edbfd26a9917
[Hybrid-Analysis] [VirusTotal]
Traffic-Chain
http[:]//balmyfurniture.com
↓
[GrandSoft Exploit Kit][Checker]
http[:]//slang.molmcclshavemwi.xyz/generalized_vestige_defender.html
↓
[GrandSoft Exploit Kit][CVE-2018-8174]
http[:]//slang.molmcclshavemwi.xyz/getversoinpd/1/2/3/4
↓
[GrandSoft Exploit Kit][Malware Payload]
http[:]//slang.molmcclshavemwi.xyz/9/104468