[2018-09-21] PseudoGate->GrandSoft->Ramnit
Overview
The SAZ file is 2018-09-21_22-45-58.saz
[Figure: analysis result using EKFiddle]
Malware
Ramnit
40902f435d220655b9dfc5738dd8d9e2ebbbb12b9e54ce32ddd29d2b144aca76
[Hybrid-Analysis] [VirusTotal]
Traffic-Chain
https[:]//dollpremium.com/adcash.php?ban=22469542&clickid=15375376992116109753214767155394472&campaign=123212220
↓
[GrandSoft Exploit Kit][Checker]
http[:]//piercing.apartvd.xyz/veiledcahootschump.htm
↓
[GrandSoft Exploit Kit][CVE-2018-8174]
http[:]//piercing.apartvd.xyz/getversoinpd/1/2/3/4
↓
[GrandSoft Exploit Kit][Malware Payload]
http[:]//piercing.apartvd.xyz/9/132546