2016-02-22 - ANGLER EK DATA DUMP

PCAPS AND MALWARE:

 

NOTES:

 


Shown above:  An example of injected script in pages from the compromised websites (3 of the 4 that led directly to Angler EK).

 


Shown above:  A screenshot from the infected Windows host after Angler EK delivered TeslaCrypt ransomware.

 

DETAILS

2016-02-22 17:46 UTC:

2016-02-22 18:39 UTC:

2016-02-22 20:08 UTC:

2016-02-22 20:59 UTC:

$ md5sum *.exe

$ md5sum *.swf

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
