2019-06-12 - QUICK POST: INFECTION FROM MALWARE ON 80.85.155[.]70
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
NOTES:
- The pcap of traffic generated by this malware contains Tofsee activity (work.a-poster[.]info:25000), spambot activity, and what looks like cryptocurrency miner traffic over TCP port 8087.
ASSOCIATED FILES:
- 2019-06-12-infection-traffic-from-malware-EXE-from-80_85_155_70.pcap.zip 19.6 MB (19,580,585 bytes)
- 2019-06-12-malware-EXE-from-80_85_155_70.exe.zip 81.7 kB (81,664 bytes)