2016-08-17 - PCAPS AND MALWARE FOR AN ISC DIARY
ASSOCIATED FILES:
- ZIP archive of the pcaps: 2016-08-17-pcaps-for-ISC-diary.zip 1.2 MB (1,177,948 bytes)
  - 2016-08-17-EITest-Rig-EK-sends-possible-Vawtrak-after-agreen.com.tr.pcap (1,090,981 bytes)
  - 2016-08-17-pseudoDarkleech-Neutrino-EK-sends-CrypMIC-after-agreen.com.tr.pcap (454,695 bytes)
- ZIP archive of the malware: 2016-08-17-malware-and-artifacts-for-ISC-diary.zip 560.6 kB (560,574 bytes)
  - 2016-08-17-EITest-flash-redirect-from-kydiris.xyz.swf (4,977 bytes)
  - 2016-08-17-EITest-Rig-EK-flash-exploit.swf (48,400 bytes)
  - 2016-08-17-EITest-Rig-EK-landing-page.txt (5,062 bytes)
  - 2016-08-17-EITest-Rig-EK-payload-possible-Vawtrak.exe (180,224 bytes)
  - 2016-08-17-page-from-agreen.com.tr-with-injected-script-first-run-pseudoDarkleech-and-EITest.txt (29,894 bytes)
  - 2016-08-17-page-from-agreen.com.tr-with-injected-script-second-run-EITest-only.txt (29,883 bytes)
  - 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.HTML (238,182 bytes)
  - 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.JPG (227,805 bytes)
  - 2016-08-17-pseudoDarkleech-CrypMIC-decrypt-instructions.TXT (1,654 bytes)
  - 2016-08-17-pseudoDarkleech-Neutrino-EK-flash-exploit.swf (78,071 bytes)
  - 2016-08-17-pseudoDarkleech-Neutrino-EK-landing-page.txt (2,332 bytes)
  - 2016-08-17-pseudoDarkleech-Neutrino-EK-payload-CrypMIC.dll (73,728 bytes)
NOTES:
- The associated ISC diary is for Thursday 2016-08-18: 1 compromised site - 2 campaigns
- ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.