2015-07-05 - BIZCN GATE ACTOR USING NUCLEAR EK - TRAFFIC AND MALWARE

PCAPS AND MALWARE:

  • 2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap   (1,058,928 bytes)
  • 2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap   (606,443 bytes)
  • 2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap   (1,030,374 bytes)
  • 2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap   (632,325 bytes)
  • 2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap   (4,949,332 bytes)
  • 2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap   (1,082,113 bytes)
  • 2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap   (626,075 bytes)
  • 2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap   (1,095,644 bytes)
  • 2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap   (579,164 bytes)
  • 2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-4.pcap   (585,983 bytes)

 

NOTES:

 

UPDATE (2015-07-06):

 

TRAFFIC

2015-06-15-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

185.92.223.3 port 80 - infeedworld.eu - Nuclear EK on 2015-06-15

 

107.191.63.163 port 80 - cloud.blifoud.in - Nuclear EK

FINAL NOTES

Once again, here's the traffic and malware:

Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
