2016-06-06 - EK DATA DUMP (NEUTRINO EK, RIG EK)

ASSOCIATED FILES:

  • 2016-06-06-Rig-EK.pcap   (431,364 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-sends-CryptXXX-first-run.pcap   (1,271,688 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-sends-CryptXXX-second-run.pcap   (1,469,813 bytes)
  • 2016-06-06-Rig-EK-flash-exploit.swf   (15,493 bytes)
  • 2016-06-06-Rig-EK-landing-page.txt   (5,188 bytes)
  • 2016-06-06-Rig-EK-payload.exe   (311,296 bytes)
  • 2016-06-06-page-from-garlocksafety.com-with-injected-pseudoDarkleech-script-first-run.txt   (15,049 bytes)
  • 2016-06-06-page-from-garlocksafety.com-with-injected-pseudoDarkleech-script-second-run.txt   (17,535 bytes)
  • 2016-06-06-pseudoDarkleech-CryptXXX-decrypt-instructions.bmp   (3,686,454 bytes)
  • 2016-06-06-pseudoDarkleech-CryptXXX-decrypt-instructions.html   (14,190 bytes)
  • 2016-06-06-pseudoDarkleech-CryptXXX-decrypt-instructions.txt   (1,755 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-flash-exploit-first-run.swf   (89,256 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-flash-exploit-second-run.swf   (89,336 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-landing-page-first-run.txt   (770 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-landing-page-second-run.txt   (758 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-payload-CryptXXX-first-run.dll   (396,800 bytes)
  • 2016-06-06-pseudoDarkleech-Neutrino-EK-payload-CryptXXX-second-run.dll   (662,528 bytes)

 

NOTES:

SOME HISTORY ON PSEUDO-DARKLEECH AND CRYPTXXX:

BACKGROUND ON TODAY'S RIG EK EXAMPLE:

 

TRAFFIC

ASSOCIATED DOMAINS:

 

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.