2017-10-18 - PCAP AND MALWARE FOR AN ISC DIARY (LOKI BOT MALSPAM)

NOTES:

• The associated ISC diary is for Thursday 2017-10-19:  HSBC-themed malspam uses ISO attachments to push Loki Bot malware
• Zip files are password-protected.  If you don't know the password, look at the "about" page of this website.

 

ASSOCIATED FILES:

• Zip archive of the pcap:  2017-10-18-Loki-Bot-traffic.pcap.zip   10.3 kB (10,328 bytes)

• 2017-10-18-Loki-Bot-traffic.pcap   (52,036 bytes)

• Zip archive of the malware:  2017-10-18-HSBC-themed-malspam-and-artifacts.zip   2.2 MB (2,175,960 bytes)

• 2017-10-18-HSBC-themed-malspam-0550-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-0841-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-0851-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-0928-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-0958-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-1109-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-1234-UTC.eml   (720,318 bytes)
• 2017-10-18-HSBC-themed-malspam-1330-UTC.eml   (720,318 bytes)
• HSBC Payment Document.exe   (450,560 bytes)
• HSBC Payment Document.iso   (512,000 bytes)

 

Click here to return to the main page.