2015-07-13 - ANGLER EK FROM 136.243.96.94 SENDS CRYPTOWALL 3.0

PCAP AND MALWARE:

 

NOTES:

 

CHAIN OF EVENTS

ASSOCIATED DOMAINS:

 

TRAFFIC FROM FIRST EXAMPLE (PCAP 1 OF 3):

 

TRAFFIC FROM SECOND EXAMPLE (PCAP 2 OF 3):

 

TRAFFIC FROM THIRD EXAMPLE (PCAP 3 OF 3):

 

FINAL NOTES

Once again, here are the associated files:

Click here to return to the main page.