2015-07-30 - BIZCN GATE ACTOR NUCLEAR EK ON 46.101.18.39

PCAP AND MALWARE:

 

NOTES:

Been seeing a lot of this from the gate domains lately:

 

TRAFFIC

ASSOCIATED DOMAINS:

 

From the zip archive: 2015-07-29-BizCN-gate-actor-Nuclear-EK-traffic.pcap

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-1-of-5.pcap

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-2-of-5.pcap

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-3-of-5.pcap

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-4-of-5.pcap

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-5-of-5.pcap

 

CRYPTOWALL 3.0 TRAFFIC SEEN ON 2015-07-30:

 

From the zip archive: 2015-07-30-BizCN-gate-actor-Nuclear-EK-traffic-example-2-of-5.pcap

 

FINAL NOTES

Once again, here are the associated files:

The ZIP file is password-protected with the standard password.  If you don't know it, email me at admin@malware-traffic-analysis.net and ask.

Click here to return to the main page.