2018-05-08 - DATA DUMP

EMOTET EMAILS / PCAP / MALWARE:

• 2018-05-08-Emotet-malspam-2-email-examples.zip   0.7 kB (744 bytes)
• 2018-05-08-Emotet-malspam-infection-traffic.pcap.zip   192 kB (192,183 bytes)
• 2018-05-08-Emotet-infection-artifacts.zip   176 kB (176,075 bytes)

 

GOZI-ISFB (AN URSNIF VARIANT) - PCAP / MALWARE:

• 2018-05-08-Gozi-malspam-infection-traffic.pcap.zip   500 kB (500,126 bytes)
• 2018-05-08-Gozi-malspam-infection-artifacts.zip   278 kB (277,854 bytes)

• I don't have an email for this.  Reference: Yet another fake Sage Invoice delivering what looks like Ursnif / Gozi banking Trojan

 

HANCITOR EMAILS / PCAP / MALWARE:

• 2018-05-08-Hancitor-malspam-30-email-examples.zip   63 kB (63,139 bytes)
• 2018-05-08-Hancitor-malspam-infection-traffic.pcap.zip   2.3 MB (2,302,245 bytes)
• 2018-05-08-Hancitor-infection-artifacts.zip   235 kB (235,410 bytes)

 

TRICKBOT MALSPAM - PCAP / MALWARE:

• 2018-05-08-Trickbot-malspam-infection-traffic.pcap.zip   11.8 MB (11,816,518 bytes)
• 2018-05-08-Trickbot-malspam-infection-artifacts.zip   211 MB (211,287 bytes)

• I don't have an email for this.  Reference: Fake Lloyds Bank email distributes Trickbot via fake Adobe plugin

 

UNKOWN EMAIL / PCAP / MALWARE:

• 2018-05-08-malspam-1302-UTC.eml.zip   85 kB (84,911 bytes)
• 2018-05-08-malspam-1302-UTC-infection-traffic.pcap.zip   1.4 kB (1,439 bytes)
• 2018-05-08-malspam-1302-UTC-malware-and-artifacts.zip   164 MB (163,949 bytes)

 

Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.