Malware-Traffic-Analysis.net - 2020-02-04 - traffic and malware for an ISC diary (SocGholish)

2020-02-04 - PCAP AND MALWARE FOR AN ISC DIARY (SOCGHOLISH)

NOTES:

The ISC diary is for Wednesday 2020-02-05: Fake browser update pages are "still a thing"
Zip files are password-protected. If you don't know the password, look at the "about" page of this website.

ASSOCIATED FILES:

2020-02-04-socgholish-traffic-traffic-example.saz 1.2 MB (1,227,630 bytes)

2020-02-04-socgholish-traffic-example.pcap.zip 1.3 MB (1,270,832 bytes)

2020-02-04-socgholish-traffic-example.pcap (1,499,381 bytes)

2020-02-04-SocGholish-malare-and-artifacts.zip 124 kB (123,848 bytes)

2020-02-04-sodality.mandmsolicitors.com-1-of-3.txt (3,120 bytes)

2020-02-04-sodality.mandmsolicitors.com-2-of-3.txt (4,920 bytes)

2020-02-04-sodality.mandmsolicitors.com-3-of-3.txt (4,031 bytes)

2020-02-04-trace.mukandratourandtravels.com-initial.txt (47,684 bytes)

Firefox.Update.4ee488.zip (32,231 bytes)

Firefox.js (90,690 bytes)

client32.ini (596 bytes)

presentationhost.exe (105,848 bytes)

2020-02-05-socgholish-JS-file-sends-NetSupport-RAT.pcap.zip 5.0 MB (4,983,681 bytes)

2020-02-05-socgholish-JS-file-sends-NetSupport-RAT.pcap (10,744,242 bytes)

Click here to return to the main page.