2018-02-02 - DATA DUMP: DRIDEX, FORMBOOK, HANCITOR, EITEST HOEFLERTEXT POPUP FOR GANDCRAB RANSOMWARE
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- 2018-01-30-Dridex-infection-traffic.pcap.zip 307.1 kB (307,077 bytes)
- 2018-01-30-Dridex-email-and-malware.zip 302.1 kB (302,125 bytes)
- 2018-01-30-Formbook-infection-traffic.pcap.zip 1.0 MB (1,007,890 bytes)
- 2018-01-30-Formbook-email-and-malware.zip 399.6 kB (399,614 bytes)
- 2018-01-30-Hancitor-infection-with-Zeus-Panda-Banker.pcap.zip 1.9 MB (1,940,948 bytes)
- 2018-01-30-Hancitor-malspam-5-examples.txt.zip 3.4 kB (3,436 bytes)
- 2018-01-30-malware-from-Hancitor-infection.zip 261.8 kB (261,766 bytes)
- 2018-01-31-Hancitor-infection-traffic.pcap.zip 398.2 kB (398,212 bytes)
- 2018-01-31-Hancitor-malspam-3-examples.txt.zip 2.6 kB (2,564 bytes)
- 2018-01-31-malware-from-Hancitor-infection.zip 248.2 kB (248,230 bytes)
- 2018-02-01-Hancitor-infection-with-Zeus-Panda-Banker.pcap.zip 2.2 MB (2,150,784 bytes)
- 2018-02-01-Hancitor-malspam-2-examples.txt.zip 1.4 kB (1,412 bytes)
- 2018-02-01-malware-from-Hancitor-infection.zip 240.6 kB (240,571 bytes)
- 2018-02-02-EITest-HoeflerText-popup-sends-Gandcrab-ransomware.pcap.zip 193.2 kB (193,205 bytes)
- 2018-02-02-EITest-script-for-HoeflerText-popup-and-GandCrab-sample.zip 145.0 kB (144,986 bytes)
NOTES:
This is the infection traffic and associated malware and/or emails that I didn't have time to post this week because of a business trip. I'm currently waiting for my flight at the ATL airport as I post this.
Shown above: Everyone at the ATL airport.