[2018-09-12] FalloutEK->GandCrab

September 12, 2018

Overview

The SAZ file (Fiddler session archive) is 2018-09-12_14-48-50.saz.

(Figure: analysis result using EKFiddle)

Malware

GandCrab

6a426cddd1e51fd4760b236919c89fb6621448de2edad195ddb39946d15e643e
[Hybrid-Analysis] [VirusTotal]

Traffic-Chain

http[:]//51.15.98.59/62SPJm?cost={cost}&uclick=377sqd
↓
[Fallout Exploit Kit][Landing Page]
http[:]//flowertowerback.space/7482-13476-Battement/iACi/11939.dhtml?Heartbird=viaducts_myoporum_oursel&Ep0EUP=KGFZ&NRpX=Octads_gunman_analogal_14889_tellurist_3946
↓
[Fallout Exploit Kit][Malware Payload]
http[:]//flowertowerback.space/zlUv7/vFoirNM/Unfortune/1968_06_23.jsp