2019-08-23 - DATA DUMP (URSNIF, RIG EK, NETWIRE RAT)

URSNIF INFECTION WITH AZORULT:

• 2019-08-23-malspam-pushing-Ursnif.eml.zip   55.7 kB (55,686 bytes)
• 2019-08-23-Ursnif-infection-with-AZORult.pcap.zip   3.9 MB (3,868,767 bytes)
• 2019-08-23-malware-from-Ursnif-infection.zip   334 kB (333,907 bytes)

RIG EK --> DANABOT:

• 2019-08-23-Rig-EK-sends-Danabot.pcap.zip   16.5 MB (16,452,510 bytes)
• 2019-08-23-Rig-EK-and-Danabot-malware-and-artifacts.zip   561 kB (560,735 bytes)

RIG EK --> AMADEY --> DANABOT:

• 2019-08-23-second-run-Rig-EK-sends-Amadey.pcap.zip   20.7 MB (20,664,431 bytes)
• 2019-08-23-second-run-Rig-EK-sends-Amadey-malware.zip   3.3 MB (3,304,538 bytes)

MALSPAM PUSHES NETWIRE RAT:

• 2019-08-23-malspam-pushing-Netwire-RAT-0709-UTC.eml.zip   133 kB (132,713 bytes)
• 2019-08-23-Netwire-RAT-infection.pcap.zip   302 kB (302,187 bytes)
• 2019-08-23-Netwire-RAT-malware.zip   332 kB (332,183 bytes)

NOTES:

• Zip archives are password-protected with the standard password.  If you don't know it, see the "about" page of this website.

 

Click here to return to the main page.