[2018-11-16] PseudoGate->GrandSoft->Ramnit

November 16, 2018

Overview

The SAZ file is 2018-11-16_19-03-46.saz.

(↓Analysis result using EKFiddle)

Malware

Ramnit

5e1ee07b736f1635fcf0edb26244a192614b9ba99827c1d3e4d2956c43de1c5f
[Hybrid-Analysis] [VirusTotal]

Traffic-Chain

http://homelandrealtyandproperties.com
↓
[GrandSoft Exploit Kit][Checker]
http://mng-depositors.secure1tester.info/anal_handwriting-jason
↓
[GrandSoft Exploit Kit][Landing Page]
http://mng-depositors.secure1tester.info/getversoinpd/1/2/3/4
↓
[GrandSoft Exploit Kit][Malware Payload]
http://mng-depositors.secure1tester.info/9/137953