2015-05-24 - NEUTRINO EK FROM 193.242.211.149

ASSOCIATED FILES:

 

CHAIN OF EVENTS

ASSOCIATED DOMAINS:

 

DATE/TIME OF THE ACTIVITY:

 

TRAFFIC:

 

MALWARE

FLASH EXPLOIT:

File name:  2015-04-24-Neutrino-EK-flash-exploit.swf
File size:  40.7 KB ( 41703 bytes )
MD5 hash:  299fbdcc18026be07fa1dcdfa4b195ca
Detection ratio:  1 / 57
First submission:  2015-04-24 16:09:57 UTC
VirusTotal link:  https://www.virustotal.com/en/file/7be063cf2fd8d41c12e77eeef2a299d014b7174a2c4f115935f20482e384cee9/analysis/

 

MALWARE PAYLOAD:

File name:  2015-04-24-Neutrino-EK-malware-payload.exe
File size:  335.5 KB ( 343552 bytes )
MD5 hash:  174a16e10cfb51b0ea10c4e4a1f5d3b4
Detection ratio:  35 / 57
First submission:  2015-04-16 16:19:52 UTC
VirusTotal link:  https://www.virustotal.com/en/file/9e5bd085ac44548035eb1c61ffe48a18b8a116e7f262b81e750e0c0ca1cb201e/analysis/
Malwr link:  https://malwr.com/analysis/NWQ3MjI2YzY1NDA3NDIyYjk5NzgyMTkyOWEwMmMwY2Q/

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
