[2018-04-10] Unknown->RigEK->GandCrab
April 10, 2018
Overview
Saz file is 2018-04-10_00-40-59.saz (↓Analysis result using EKFiddle)
Malware
GandCrab 7efa4fb06abe1a9c9cde116142af387b514c16d71b98b27fa3bd3b6271851b60 [Hybrid-Analysis] [VirusTotal]
Traffic-Chain
[RigEK][Landing Page] http[:]//185.154.53.185/?NTMzMzYx&pLggKQ&fdx3s=xXrQMvWfbRXQDp3EKv_cT6NBMVHRHkCL2Y2dmrHTefjaeFWkzrLFTF_xozKATgSG6_FtdfJ&zndF
Summary: After some absence, I have returned to blog on Rig EK’s inclusion of CVE-2018-4878. This was reported by @nao_sec and then @kafeine. Initially I had planned to blog about a maldoc. I had obtained a sample of a #ThreadKit document that had recently included this Flash exploit and so I updated my lab in order to display it and give me something to blog about. That’s when I saw the Twitter po
This post was authored by Vasilios Hioueras and Jérôme Segura
Update (2018-04-16): Magnitude EK has switched from Magniber to GandCrab.
Update (2018-02-28): Major development with GandCrab. A decryptor for it is available from NoMoreRansom here. You can read the press release from Europol here.
Update (2018-02-02): GandCrab is delivered via Necurs malicious spam [1].
Update (2018-02-01): GandCrab