2015-07-05 - BIZCN GATE ACTOR USING NUCLEAR EK - TRAFFIC AND MALWARE

PCAPS AND MALWARE:

NOTES:

UPDATE (2015-07-06):

TRAFFIC

2015-06-15-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

185.92.223.3 port 80 - infeedworld.eu - Nuclear EK on 2015-06-15

2015-06-15-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap

185.92.223.3 port 80 - infeedworld.eu - Nuclear EK on 2015-06-15

2015-06-15-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap

185.92.223.3 port 80 - infeedworld.eu - Nuclear EK on 2015-06-15

2015-07-02-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

107.191.63.163 port 80 - cloud.blifoud.in - Nuclear EK

2015-07-02-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap

107.191.63.163 port 80 - cloud.blifoud.in - Nuclear EK

2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap

2015-07-03-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap

2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap

2015-07-04-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap

2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-1.pcap

2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-2.pcap

2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-3.pcap

2015-07-05-BizCN-gate-actor-Nuclear-EK-traffic-example-4.pcap

FINAL NOTES

Once again, here's the traffic and malware:

The ZIP files are password-protected with the standard password. If you don't know it, email me at admin@malware-traffic-analysis.net and ask.
