2018-04-27 - DATA DUMP
NECURS BOTNET MALSPAM USES ABS VBS LOADER TO PUSH FLAWEDAMMYY:
- 2018-04-27-Necurs-Botnet-malspam-tracker-10-email-examples.csv.zip 1.1 kB (1115 bytes)
- 2018-04-27-Necurs-Botnet-malspam-partial-infection-traffic.pcap.zip 41.8 kB (41,785 bytes)
- 2018-04-27-Necurs-Botnet-malspam-and-attachments.zip 30.4 kB (30,415 bytes)
- 120-VBS-files-from-185.99.133.132.zip 254 kB (253,776 bytes)
- NOTE: Server hosting the FlawedAmmyy binary was taken off-line, so I could not generate a full infection chain.
EMOTET MALSPAM - ALSO CAUSED ZEUS PANDA BANKER:
- 2018-04-27-Emotet-malspam-12-email-examples.txt.zip 2.6 kB (2,581 bytes)
- 2018-04-27-Emotet-malspam-infection-traffic.pcap.zip 4.2 MB (4,167,208 bytes)
- 2018-04-27-Emotet-malspam-infection-artifacts.zip 445 kB (444,558 bytes)
TRICKBOT MALSPAM:
- 2018-04-27-Trickbot-malspam-1141-UTC.eml.zip 33.9 kB (33924 bytes)
- 2018-04-27-Trickbot-malspam-infection-traffic.pcap.zip 16.7 MB (16,716,711 bytes)
- 2018-04-27-Trickbot-malspam-infection-artifacts.zip 486 kB (485,867 bytes)
NOTES
Zip archives are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
Click here to return to the main page.