[2018-10-17] Unknown->FalloutEK->Ursnif

October 17, 2018

Overview

SAZ file: 2018-10-17_23-05-46.saz

(↓ Analysis result using EKFiddle)

Malware

Ursnif

8699504581b66c1103731360d971270414f99637a2121f1a2f937096937b1052
[Hybrid-Analysis] [VirusTotal]

Traffic-Chain

http[:]//whitepages.review/prpllr?cost=0.001850&currency=USD&external_id=76427570563780608&ad_campaign_id=1382277&source=PropellerAds&sub_id_1=1774896
↓
[Fallout Exploit Kit][Landing Page]
http[:]//mygrid.press/1947_10_12/Tubulate-fainant-8792-Polyanthy/germanish
↓
[Fallout Exploit Kit][Malware Payload]
http[:]//mygrid.press/enharden-lanugo/fNteO