2016-06-07 - PCAP AND MALWARE FOR AN ISC DIARY

ASSOCIATED FILES:

• ZIP archive of the pcaps:  2016-06-07-pcaps-for-ISC-diary.zip   2.4 MB (2,362,136 bytes)

• 2016-06-07-EITest-Neutrino-EK-sends-CryptXXX.pcap   (1,338,145 bytes)
• 2016-06-07-pseudoDarkleech-Neutrino-EK-sends-CryptXXX.pcap   (1,233,088 bytes)

• ZIP archive of the malware and artifacts:  2016-06-07-malware-and-artifacts-for-ISC-diary.zip   811.7 kB (811,719 bytes)

• 2016-06-07-EITest-CryptXXX-decrypt-instructions.bmp   (3,686,454 bytes)
• 2016-06-07-EITest-CryptXXX-decrypt-instructions.html   (14,193 bytes)
• 2016-06-07-EITest-CryptXXX-decrypt-instructions.txt   (1,755 bytes)
• 2016-06-07-EITest-Neutrino-EK-flash-exploit-vs-21.0.0.213.swf   (91,764 bytes)
• 2016-06-07-EITest-Neutrino-EK-landing-page.txt   (764 bytes)
• 2016-06-07-EITest-Neutrino-EK-payload-CryptXXX.dll   (419,328 bytes)
• 2016-06-07-EITest-flash-redirector-from-nulesz.tk.swf   (16,027 bytes)
• 2016-06-07-page-from-www.shoutout.com.br-with-injected-EITest-script.txt   (38,809 bytes)
• 2016-06-07-page-from-www.shoutout.com.br-with-injected-pseudoDarkleech-and-EITest-script.txt   (56,395 bytes)
• 2016-06-07-pseudoDarkleech-CryptXXX-decrypt-instructions.bmp   (3,686,454 bytes)
• 2016-06-07-pseudoDarkleech-CryptXXX-decrypt-instructions.html   (14,190 bytes)
• 2016-06-07-pseudoDarkleech-CryptXXX-decrypt-instructions.txt   (1,755 bytes)
• 2016-06-07-pseudoDarkleech-Neutrino-EK-flash-exploit-vs-18.0.0.160.swf   (90,401 bytes)
• 2016-06-07-pseudoDarkleech-Neutrino-EK-landing-page.txt   (864 bytes)
• 2016-06-07-pseudoDarkleech-Neutrino-EK-payload-CryptXXX.dll   (440,320 bytes)

 

NOTES:

• The associated ISC diary is located here.

 

The ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.