2017-05-10 - FILES FOR AN ISC DIARY (RIG EK)

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

NOTES:

• The associated ISC diary is:  Seamless Campaign using Rig Exploit Kit to send Ramnit Trojan

 

ASSOCIATED FILES:

• 2017-05-10-Rig-EK-sends-Ramnit-2-pcaps.zip   3.0 MB (2,986,804 bytes)

• 2017-05-10-Rig-EK-sends-Ramnit-1st-run.pcap   (1,765,946 bytes)
• 2017-05-10-Rig-EK-sends-Ramnit-2nd-run.pcap   (1,430,860 bytes)

• 2017-05-10-Rig-EK-and-Ramnit-malware-and-artifacts.zip   613.9 kB (613,941 bytes)

• 2017-05-10-Rig-EK-artifact-o32.tmp-both-runs.txt   (11,41 bytes)
• 2017-05-10-Rig-EK-flash-exploit-both-runs.swf   (16,496 bytes)
• 2017-05-10-Rig-EK-landing-page-1st-run.txt   (32,628 bytes)
• 2017-05-10-Rig-EK-landing-page-2nd-run.txt   (118,434 bytes)
• 2017-05-10-Rig-EK-payload-Ramnit-1st-run.exe   (231,424 bytes)
• 2017-05-10-Rig-EK-payload-Ramnit-2nd-run.exe   (231,424 bytes)
• 2017-05-10-flow335.php-1st-run.txt   (542 bytes)
• 2017-05-10-flow335.php-2nd-run.txt   (537 bytes)
• 2017-05-10-post-infection-artifact-Users-username-AppData-Local-bxnknleu.exe   (114,688 bytes)

 

Click here to return to the main page.