2017-02-08 - FILES FOR AN ISC DIARY (CRYPTOSHIELD RANSOMWARE)

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

NOTES:

• The associated ISC diary is for Thursday 2017-02-09:  CryptoShield Ransomware from Rig EK

 

ASSOCIATED FILES:

• 2017-02-08-EITest-Rig-EK-sends-CryptoShield-ransomware-2-pcaps.zip   417.2 kB (417,227 bytes)

• 2017-02-08-EITest-Rig-EK-sends-CryptoShield-ransomware-1st-run.pcap   (276,939 bytes)
• 2017-02-08-EITest-Rig-EK-sends-CryptoShield-ransomware-2nd-run.pcap   (272,596 bytes)

• 2017-02-08-EITest-Rig-EK-artifacts-and-CryptoShield-ransomware.zip   144.8 kB (144,808 bytes)

• 2017-02-08-CryptoShield-ransomware-decryption-instructions.html   (2,989 bytes)
• 2017-02-08-CryptoShield-ransomware-decryption-instructions.txt   (1,735 bytes)
• 2017-02-08-EITest-Rig-EK-artifact-both-runs-QTTYUADAF.txt   (1,137 bytes)
• 2017-02-08-EITest-Rig-EK-flash-exploit-both-runs.swf   (38,172 bytes)
• 2017-02-08-EITest-Rig-EK-landing-page-1st-run.txt   (5,236 bytes)
• 2017-02-08-EITest-Rig-EK-landing-page-2nd-run.txt   (5,240 bytes)
• 2017-02-08-EITest-Rig-EK-payload-CryptoShield-ransomware-both-runs.exe   (95,232 bytes)
• 2017-02-08-page-from-blog.masmovil_es-wtih-injected-EITest-script-1st-run.txt   (62,113 bytes)
• 2017-02-08-page-from-blog.masmovil_es-wtih-injected-EITest-script-2nd-run.txt   (62,110 bytes)

 

Click here to return to the main page.