2016-08-17 - FILES FOR AN ISC DIARY

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

NOTES:

• The associated ISC diary is:  1 compromised site - 2 campaigns

ASSOCIATED FILES:

• 2016-08-17-pcaps-for-ISC-diary.zip   1.2 MB (1,178,262 bytes)

• 2016-08-17-EITest-Rig-EK-sends-possible-Vawtrak-after-agreen_com_tr.pcap   (1,090,981 bytes)
• 2016-08-17-pseudoDarkleech-Neutrino-EK-sends-CrypMIC-after-agreen_com_tr.pcap   (454,695 bytes)

• 2016-08-17-malware-and-artifacts-for-ISC-diary.zip   561.9 kB (561,924 bytes)

• 2016-08-17-EITest-flash-redirect-from-kydiris_xyz.swf   (4,977 bytes)
• 2016-08-17-EITest-Rig-EK-flash-exploit.swf   (48,400 bytes)
• 2016-08-17-EITest-Rig-EK-landing-page.txt   (5,062 bytes)
• 2016-08-17-EITest-Rig-EK-payload-possible-Vawtrak.exe   (180,224 bytes)
• 2016-08-17-page-from-agreen_com_tr-with-injected-script-first-run-pseudoDarkleech-and-EITest.txt   (29,894 bytes)
• 2016-08-17-page-from-agreen_com_tr-with-injected-script-second-run-EITest-only.txt   (29,883 bytes)
• 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.HTML   (238,182 bytes)
• 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.JPG   (227,805 bytes)
• 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.TXT   (1,654 bytes)
• 2016-08-17-pseudoDarkleech-Neutrino-EK-flash-exploit.swf   (78,071 bytes)
• 2016-08-17-pseudoDarkleech-Neutrino-EK-landing-page.txt   (2,332 bytes)
• 2016-08-17-pseudoDarkleech-Neutrino-EK-payload-CrypMIC.dll   (73,728 bytes)

 

Click here to return to the main page.