2015-11-30 - ANGLER EK SENDS CRYPTOWALL

ASSOCIATED FILES:

• ZIP archive of the PCAP:  2015-11-30-Angler-EK-traffic.pcap.zip   834.0 kB (833,973 bytes)
• ZIP archive of the malware:  2015-11-30-Angler-EK-sends-CryptoWall-malware-and-artifacts.zip   421.5 kB (421,469 bytes)

 

NOTES:

• Looks like I got Angler EK sending what people have been calling CryptoWall 4.0.

 

Shown above:  Traffic filtered in Wireshark.

 

Shown above:  The infected host's desktop after the CryptoWall infection.

 

FINAL NOTES

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.