2016-09-21 - PCAPS AND MALWARE FOR AN ISC DIARY

NOTES:

 

ASSOCIATED FILES:

  • 2016-09-20-Locky-malspam-data.csv   (4,555 bytes)
  • artifacts-from-infected-hosts / C8jR1bZVlusv.dll   (156,160 bytes)
  • artifacts-from-infected-hosts / GY5uenfegXaeG6Ai.dll   (138,878 bytes)
  • artifacts-from-infected-hosts / JcX05G4XAhOa.dll   (137,829 bytes)
  • artifacts-from-infected-hosts / PbTB4Om2.dll   (137,840 bytes)
  • artifacts-from-infected-hosts / RKg73dPPeXDw2xvC.dll   (156,672 bytes)
  • artifacts-from-infected-hosts / ZjvNymPEbZbJ.dll   (156,160 bytes)
  • artifacts-from-infected-hosts / _HELP_instructions.bmp   (3,578,902 bytes)
  • artifacts-from-infected-hosts / _HELP_instructions.html   (9,337 bytes)
  • artifacts-from-infected-hosts / hkWacRI1.dll   (263,680 bytes)
  • artifacts-from-infected-hosts / nQmgcYCxWv1.dll   (263,680 bytes)
  • artifacts-from-infected-hosts / urptQQrEC1.dll   (263,680 bytes)
  • artifacts-from-infected-hosts / vGnex6kF.dll   (156,160 bytes)
  • artifacts-from-infected-hosts / ykrbLoyIT2OMSgw.dll   (137,840 bytes)
  • attachments / _0686189_40551.zip   (9,482 bytes)
  • attachments / _4773368_30722.zip   (9,508 bytes)
  • attachments / _7270_20362.zip   (9,508 bytes)
  • attachments / _97677_68696.zip   (9,488 bytes)
  • attachments / 0034_138098.zip   (9,476 bytes)
  • attachments / 28a3730b7ecf.zip   (11,473 bytes)
  • attachments / 4245_41341.zip   (9,486 bytes)
  • attachments / 43548f39aaa.zip   (11,471 bytes)
  • attachments / 4575_19580.zip   (9,496 bytes)
  • attachments / 5cf653672557.zip   (11,467 bytes)
  • attachments / 716caab92c7.zip   (11,476 bytes)
  • attachments / 7273_35453.zip   (9,489 bytes)
  • attachments / 72c9ab3d8d.zip   (11,501 bytes)
  • attachments / Receipt 2957513.zip   (9,377 bytes)
  • attachments / Receipt 30404.zip   (9,404 bytes)
  • attachments / Receipt 5169729.zip   (9,412 bytes)
  • attachments / Receipt 748658.zip   (9,395 bytes)
  • attachments / acd2dc4d9065.zip   (11,459 bytes)
  • attachments / bb19c0f2b03.zip   (11,467 bytes)
  • attachments / bb79d0149408.zip   (11,400 bytes)
  • emails / 2016-09-20-0825-UTC.eml   (17,408 bytes)
  • emails / 2016-09-20-0907-UTC.eml   (16,626 bytes)
  • emails / 2016-09-20-0917-UTC.eml   (16,649 bytes)
  • emails / 2016-09-20-1000-UTC.eml   (16,624 bytes)
  • emails / 2016-09-20-1052-UTC.eml   (14,039 bytes)
  • emails / 2016-09-20-1055-UTC.eml   (13,991 bytes)
  • emails / 2016-09-20-1334-UTC.eml   (13,994 bytes)
  • emails / 2016-09-20-1354-UTC.eml   (14,058 bytes)
  • emails / 2016-09-20-1429-UTC.eml   (15,949 bytes)
  • emails / 2016-09-20-1443-UTC.eml   (15,950 bytes)
  • emails / 2016-09-20-1755-UTC.eml   (16,514 bytes)
  • emails / 2016-09-20-1816-UTC.eml   (16,545 bytes)
  • emails / 2016-09-20-1904-UTC.eml   (16,458 bytes)
  • emails / 2016-09-20-1936-UTC.eml   (16,588 bytes)
  • emails / 2016-09-20-1952-UTC.eml   (15,942 bytes)
  • emails / 2016-09-20-2005-UTC.eml   (15,912 bytes)
  • emails / 2016-09-20-2155-UTC.eml   (14,158 bytes)
  • emails / 2016-09-20-2200-UTC.eml   (14,154 bytes)
  • emails / 2016-09-20-2209-UTC.eml   (14,170 bytes)
  • emails / 2016-09-20-2216-UTC.eml   (14,146 bytes)
  • extracted-files / B69A8P7702.wsf   (43,411 bytes)
  • extracted-files / DNNE45601.wsf   (37,622 bytes)
  • extracted-files / FNWWLV219901.wsf   (43,406 bytes)
  • extracted-files / KR9IQPP18301.wsf   (43,393 bytes)
  • extracted-files / KV5X6203.wsf   (43,411 bytes)
  • extracted-files / LXWQ2102.wsf   (43,423 bytes)
  • extracted-files / NWKG9T47501.wsf   (37,605 bytes)
  • extracted-files / QJJ233601.wsf   (37,596 bytes)
  • extracted-files / RIN912202.wsf   (43,431 bytes)
  • extracted-files / RXXRN463601.wsf   (37,548 bytes)
  • extracted-files / SMYL8004.wsf   (43,447 bytes)
  • extracted-files / WY1TLGZ8402.wsf   (43,429 bytes)
  • extracted-files / tracking data ~4E529E85~.js   (147,765 bytes)
  • extracted-files / tracking data ~4EF33269~.js   (147,606 bytes)
  • extracted-files / tracking data ~B391B8~.js   (148,275 bytes)
  • extracted-files / tracking data ~C23891C1~.js   (147,643 bytes)
  • extracted-files / updated order ~5F2B541~ pdf.js   (147,576 bytes)
  • extracted-files / updated order ~A4B321A1~ pdf.js   (147,624 bytes)
  • extracted-files / updated order ~CED9114~ pdf.js   (147,513 bytes)
  • extracted-files / updated order ~D0461D3~ pdf.js   (146,934 bytes)
  • pcaps / 2016-09-20-traffic-from-0825-UTC-malspam.pcap   (191,295 bytes)
  • pcaps / 2016-09-20-traffic-from-0907-UTC-malspam.pcap   (192,743 bytes)
  • pcaps / 2016-09-20-traffic-from-0917-UTC-malspam.pcap   (191,594 bytes)
  • pcaps / 2016-09-20-traffic-from-1000-UTC-malspam.pcap   (147,274 bytes)
  • pcaps / 2016-09-20-traffic-from-1052-UTC-malspam.pcap   (1,092 bytes)
  • pcaps / 2016-09-20-traffic-from-1755-UTC-malspam.pcap   (172,896 bytes)
  • pcaps / 2016-09-20-traffic-from-1816-UTC-malspam.pcap   (140,625 bytes)
  • pcaps / 2016-09-20-traffic-from-1904-UTC-malspam.pcap   (174,347 bytes)
  • pcaps / 2016-09-20-traffic-from-1936-UTC-malspam.pcap   (239,726 bytes)
  • pcaps / 2016-09-20-traffic-from-2155-UTC-malspam.pcap   (660,547 bytes)
  • pcaps / 2016-09-20-traffic-from-2200-UTC-malspam.pcap   (839,674 bytes)
  • pcaps / 2016-09-20-traffic-from-2209-UTC-malspam.pcap   (755,430 bytes)
  • pcaps / 2016-09-20-traffic-from-2216-UTC-malspam.pcap   (843,760 bytes)

 
