2018-04-27 - DATA DUMP

NECURS BOTNET MALSPAM USES ABS VBS LOADER TO PUSH FLAWEDAMMYY:

• 2018-04-27-Necurs-Botnet-malspam-tracker-10-email-examples.csv.zip   1.1 kB (1115 bytes)
• 2018-04-27-Necurs-Botnet-malspam-partial-infection-traffic.pcap.zip   41.8 kB (41,785 bytes)
• 2018-04-27-Necurs-Botnet-malspam-and-attachments.zip   30.4 kB (30,415 bytes)
• 120-VBS-files-from-185.99.133.132.zip   254 kB (253,776 bytes)
• NOTE:  Server hosting the FlawedAmmyy binary was taken off-line, so I could not generate a full infection chain.

EMOTET MALSPAM - ALSO CAUSED ZEUS PANDA BANKER:

• 2018-04-27-Emotet-malspam-12-email-examples.txt.zip   2.6 kB (2,581 bytes)
• 2018-04-27-Emotet-malspam-infection-traffic.pcap.zip   4.2 MB (4,167,208 bytes)
• 2018-04-27-Emotet-malspam-infection-artifacts.zip   445 kB (444,558 bytes)

TRICKBOT MALSPAM:

• 2018-04-27-Trickbot-malspam-1141-UTC.eml.zip   33.9 kB (33924 bytes)
• 2018-04-27-Trickbot-malspam-infection-traffic.pcap.zip   16.7 MB (16,716,711 bytes)
• 2018-04-27-Trickbot-malspam-infection-artifacts.zip   486 kB (485,867 bytes)

NOTES

Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

 

Click here to return to the main page.