2018-05-07 - DATA DUMP (EMOTET/HANCITOR/LOKIBOT)

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

EMOTET:

• 2018-05-07-Emotet-malspam-with-attachment.eml.zip   110 kB (109,681 bytes)
• 2018-05-07-Emotet-infection-traffic.pcap.zip   1.3 MB (1,259,062 bytes)
• 2018-05-07-malware-from-Emotet-infection.zip   187 kB (187,328 bytes)

• NOTE: Emotet malspam today was either with a link or with an attachment (never both together).  My pcap is from a link, and my email example is one with an attachment.

 

HANCITOR WITH ZEUS PANDA BANKER AND SEND SAFE ENTEPRISSE (SSE) BEACONING:

• 2018-05-07-Hancitor-malspam-12-examples.zip   42 kB (42,414 bytes)
• 2018-05-07-Hancitor-infection-with-Zeus-Panda-Banker-and-SSE-beaconing.pcap.zip   3.8 MB (3,848,462 bytes)
• 2018-05-07-malware-from-Hancitor-infection.zip   1.8 MB (1,825,419 bytes)

 

LOKIBOT:

• 2018-05-07-Lokibot-malspam-2-examples.zip   272 kB (271,501 bytes)
• 2018-05-07-Lokibot-infection-traffic.pcap.zip   2 kB (1,902 bytes)
• 2018-05-07-malware-from-Lokibot-infection.zip   262 MB (262,342 bytes)

 

Click here to return to the main page.