2015-09-14 - BIZCN GATE ACTOR NEUTRINO EK FROM 46.108.156.189 PORT 35827 - KXHGOKBJQC.UOQBZFYXDCT.CF

PCAP AND MALWARE:

 

NOTES:

 

 

TRAFFIC

ASSOCIATED DOMAINS:

 

COMPROMISED WEBSITE AND REDIRECT:

 

NEUTRINO EK:

 

POST-INFECTION TRAFFIC CAUSED BY THE CRYPTOWALL 3.0 PAYLOAD:

 

FINAL NOTES

Once again, here are the associated files:

NOTE:  All zip archives on this site are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.