2016-07-26 - MALSPAM HUNT
ASSOCIATED FILE:
- ZIP archive of the data: 2016-07-26-malspam-hunt.zip 1.9 MB (1,902,924 bytes)
NOTES:
- Just some malicious spam I collected throughout the day. No traffic. See the spreadsheet included in the archive for details.
- Almost all of it is Locky-related.
$ zip -er -P [password] 2016-07-26-malspam-hunt.zip *
adding: 2016-07-26-malspam-data.csv (deflated 56%)
adding: attachments/ (stored 0%)
adding: attachments/02FA73A99D9C3A42.docm (deflated 9%)
adding: attachments/1E8521D090D3DF0F.docm (deflated 9%)
adding: attachments/31C07953D5C01E61.docm (deflated 9%)
adding: attachments/3281B4C0FB9CA8A9.docm (deflated 9%)
adding: attachments/599F62AF58161C3E.docm (deflated 9%)
adding: attachments/6045dc0f4542.zip (stored 0%)
adding: attachments/7BAC3_carla.zip (stored 0%)
adding: attachments/A2673_jon.zip (stored 0%)
adding: attachments/A76CBE09259B5E0F.docm (deflated 9%)
adding: attachments/C43D5_linda.zip (stored 0%)
adding: attachments/DEA3ADF1CC0BB6B7.docm (deflated 9%)
adding: attachments/f5bf47a509db.zip (stored 0%)
adding: attachments/finn_2759.zip (stored 0%)
adding: attachments/norman_D5BF3C.zip (stored 0%)
adding: attachments/smith_92668.zip (stored 0%)
adding: attachments/walker_19473.zip (stored 0%)
adding: emails/ (stored 0%)
adding: emails/2016-07-26-1312-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1330-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1332-UTC.eml (deflated 29%)
adding: emails/2016-07-26-1342-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1359-UTC.eml (deflated 33%)
adding: emails/2016-07-26-1402-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1406-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1411-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1419-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1454-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1459-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1504-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1510-UTC.eml (deflated 28%)
adding: emails/2016-07-26-1731-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1759-UTC.eml (deflated 30%)
adding: emails/2016-07-26-1840-UTC.eml (deflated 42%)
adding: emails/2016-07-26-2048-UTC.eml (deflated 25%)
adding: emails/2016-07-26-2053-UTC.eml (deflated 25%)
adding: extracted-or-downloaded-files/ (stored 0%)
adding: extracted-or-downloaded-files/26072016xObSjF6m1C19Ony0kFEt1GvBKUy7XaFq.vbs (deflated 56%)
adding: extracted-or-downloaded-files/activities -436-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/activities -48AF-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/activities -592-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/activities -66AC-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/activities -74AD-..wsf (deflated 70%)
adding: extracted-or-downloaded-files/activities -AEBC-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/activities -CC7-..wsf (deflated 69%)
adding: extracted-or-downloaded-files/meeting -60EE-..wsf (deflated 65%)
adding: extracted-or-downloaded-files/meeting -8E1-..wsf (deflated 65%)
adding: follow-up-malware/ (stored 0%)
adding: follow-up-malware/1EosHDZ1qGKYbDb.exe (deflated 17%)
adding: follow-up-malware/BESb7nmWLpQiN.exe (deflated 16%)
adding: follow-up-malware/HeDDP02u9XOvKJP.exe (deflated 16%)
adding: follow-up-malware/hramgs.exe (deflated 16%)
adding: follow-up-malware/hsopZxVjqq1.exe (deflated 17%)
adding: follow-up-malware/ItCQPwOhywbDJ.exe (deflated 17%)
adding: follow-up-malware/QpJ9yQgoPiAqG.exe (deflated 17%)
adding: follow-up-malware/sSkX5bcdqTxrh.exe (deflated 17%)
adding: follow-up-malware/tOz65BrNRT.exe (deflated 16%)
adding: follow-up-malware/WvudqOa3hZtNz.exe (deflated 17%)
FINAL NOTES
Once again, here is the archive:
- ZIP archive of everything: 2016-07-26-malspam-hunt.zip 1.9 MB (1,902,924 bytes)
The ZIP file is password-protected with the standard password. If you don't know it, look at the "about" page of this website.