2016-08-27 - GUEST BLOG BY M. ZUBAIR RAFIQUE - MAGNITUDE EK IN JULY 2016 SENDS CERBER RANSOMWARE

EDITOR'S NOTE:

 

ASSOCIATED FILES:

  • 2016-07-24-Malvertising-leading-to-Magnitude-EK-sends-Cerber.pcap  (4,533,360 bytes)
  • 2016-07-24-Magnitude-EK-flash-exploit.swf  (65,085 bytes)
  • 2016-07-24-Magnitude-EK-flash-redirector.swf  (718 bytes)
  • 2016-07-24-Malvertising-leading-to-Magnitude-EK-payload-Cerber.exe  (670,868 bytes)

 

DECEPTIVE AND COERCIVE ADVERTISING


Shown above:  A coercive advertisement leading to Magnitude EK.

 

REDIRECTION CHAIN LEADING TO MAGNITUDE EK:

 

FILE HASHES

FLASH REDIRECTS AND FLASH EXPLOIT:

MALWARE PAYLOAD:

 

IMAGES


Shown above:  Desktop of a Windows host infected with this Cerber sample.

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
