2015-04-01 - ANGLER EK FROM 209.126.113.76

ASSOCIATED FILES:

 

NOTES

SOME OF THE DIRECTORIES AND FILES CREATED FROM THE INFECTION:

 

SPOME OF THE REGISTRY KEYS CREATED OR UPDATED:

 

ASSOCIATED DOMAINS:

 

ANGLER EK:

 

POST-INFECTION TRAFFIC:

 

CLICK-FRAUD (FAKE SEARCH) TRAFFIC BEGINS:

 

SEE THE PCAP FOR MORE DETAILS:

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.