Malware-Traffic-Analysis.net - Posts - 2017

[2013] - [2014] - [2015] - [2016] - [2017] - [2018] - [2019] - [2020] - [2021] - [2022] - [2023] - [2024] - [2025]

2017-12-29 -- Dreambot infection
2017-12-29 -- Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-28 -- Seamless campaign Rig EK sends Ramnit
2017-12-27 -- Emotet infection with Zeus Panda Banker
2017-12-26 -- EITest campaign HoeflerText popups or fake AV alerts
2017-12-26 -- Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-22 -- Remcos RAT infection from RTF using CVE-2017-0199 exploit
2017-12-21 -- Hancitor infection with Zeus Panda Banker
2017-12-21 -- Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-20 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-12-19 -- Quick post: EITest HoeflerText popups or fake anti-virus pages
2017-12-19 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-12-19 -- Quick post: Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-18 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-12-18 -- A weekend's worth of phishing emails from my inbox
2017-12-14 -- Ngay campaign Rig EK pushes Quant Loader & Monero (XMR) coin miner
2017-12-13 -- Hancitor infection with IcedID
2017-12-13 -- Necurs Botnet malspam pushes Trickbot or GlobeImposter ransomware
2017-12-13 -- Lokibot infection from RTF exploiting CVE-2017-11882
2017-12-12 -- EITest HoeflerText popups and fake anti-virus pages
2017-12-12 -- Ngay campaign Rig EK pushes Quant Loader & Monero (XMR) coin miner
2017-12-11 -- Hancitor infection with Zeus Panda Banker
2017-12-08 -- Fobos campaign Rig EK sends Bunitu
2017-12-06 -- Quick post: Nymaim infection from UK vehicle violation-themed malspam
2017-12-06 -- Hancitor infection with IcedID
2017-12-06 -- Quick post: Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-06 -- Quick post: EITest HoeflerText popup pushes NetSupport Manager RAT
2017-12-05 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-12-05 -- Quick post: Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-04 -- Dridex is back, Baby! - Necurs Botnet malspam pushes Dridex
2017-12-04 -- Necurs Botnet malspam pushes GlobeImposter ransomware
2017-12-01 -- Phishing emails for shopping job at Target
2017-12-01 -- Fake anti-virus page from EITest campaign

2017-11-30 -- Necurs Botnet malspam pushes GlobeImposter ransomware
2017-11-29 -- Files for an ISC diary (Emotet)
2017-11-28 -- Revenge RAT, Luminosity RAT, and Predator Pain infection from payment slip-themed malspam
2017-11-28 -- Hancitor infection with Zeus Panda Banker
2017-11-28 -- Fake Netflix login pages from phishing emails
2017-11-27 -- "Tungsten Rounded" popup on Chrome/Firefox pushes Monero cryptocurrency miner
2017-11-23 -- Necurs Botnet malspam pushes "Scarab" ransomware
2017-11-22 -- Netflix-themed phishing
2017-11-21 -- Zeus Panda Banker infection from Italian malspam
2017-11-21 -- Hancitor infection with IcedID (Bokbot)
2017-11-18 -- Files for an ISC diary (Smoke Loader)
2017-11-17 -- KaiXin EK still around, very Chinese, and acting like it's 2013
2017-11-16 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-11-16 -- Lokibot infection from CVE-2017-0199 exploit
2017-11-15 -- Banload infection from Brazil malpsam
2017-11-12 -- "Mercury Text" popup on Chrome & Firefox pushes Monero cryptocurrency miner
2017-11-10 -- Phishing emails link to fake on-line banking pages
2017-11-09 -- Necurs Botnet malspam still pushing Locky ransomware
2017-11-08 -- Hancitor infection with Zeus Panda Banker
2017-11-07 -- A day in the life (of a researcher)
2017-11-06 -- Hancitor infection with Zeus Panda Banker
2017-11-03 -- Nymaim infection
2017-11-03 -- Banload infection from Brazil malpsam
2017-11-02 -- Adventures with Smoke Loader
2017-11-01 -- Hancitor infection with Zeus Panda Banker
2017-11-01 -- Necurs Botnet malspam continues pushing Locky ransomware

2017-10-31 -- Quick post: Hancitor infection with Zeus Panda Banker
2017-10-31 -- Necurs Botnet malspam stops using DDE, still uses Word docs
2017-10-30 -- Hancitor infection
2017-10-30 -- Necurs Botnet malspam uses DDE attack to push Locky ransomware
2017-10-27 -- Remcos RAT infection
2017-10-26 -- Hancitor infection with Zeus Panda Banker
2017-10-26 -- Quick post: EITest campaign sends HoeflerText popups or fake AV page
2017-10-24 -- Necurs Botnet malspam uses DDE attack to push Locky ransomware
2017-10-24 -- Compromised site has EITest campaign pushing fake AV, also has coinminer javascript
2017-10-24 -- Phishing website traffic
2017-10-23 -- Banload infection
2017-10-23 -- A RAT's nest of activity
2017-10-19 -- Files for an ISC diary (Necurs Botnet malspam uses DDE attack)
2017-10-18 -- Files for an ISC diary (Lokibot)
2017-10-17 -- Terror EK sends Smoke Loader, Smoke Loader sends more malware
2017-10-16 -- Files for an ISC diary (Hancitor infection with DeLoader/ZLoader)
2017-10-13 -- Blank Slate campaign stops pushing Locky ransomware, starts pushing Sage 2.2 ransomware
2017-10-11 -- Banload infection
2017-10-11 -- FTFY: Necurs Botnet malspam pushing ".asasin" variant Locky ransomware
2017-10-11 -- Phishing website traffic
2017-10-10 -- Lokibot infection from CVE-2017-0199 exploit
2017-10-10 -- Emotet infection with spambot traffic
2017-10-09 -- Adwind/jRAT infection
2017-10-06 -- PowerShell-based infection from Brazil malspam
2017-10-05 -- Hancitor infection with DELoader/ZLoader
2017-10-04 -- Blank Slate campaign pushes ".ykcol" variant Locky ransomware
2017-10-04 -- EITest campaign sends NetSupport RAT
2017-10-03 -- Ursnif infection from Japanese malspam
2017-10-03 -- Infostealer infection via DLL side-loading from Brazil malspam
2017-10-03 -- Hancitor infection with ZLoader
2017-10-02 -- Files for an ISC diary (Formbook)
2017-10-02 -- Quick post: Hancitor infection with ZLoader
2017-10-02 -- Necurs Botnet malspam still pushing ".ykcol" variant Locky ransomware

2017-09-22 -- Infostealer infection from Boleto Malspam
2017-09-21 -- Files for an ISC diary (Hancitor)
2017-09-20 -- Files for an ISC diary (CVE-2017-8759)
2017-09-20 -- Lokibot infection
2017-09-18 -- Trickbot infection
2017-09-18 -- Hancitor infection with ZLoader
2017-09-18 -- Necurs Botnet malspam pushes ".ykcol" variant Locky ransomware
2017-09-18 -- Emotet infection
2017-09-15 -- More possible Coinbit malware
2017-09-15 -- Blank Slate campaign pushes Locky ransomware
2017-09-14 -- Possible Coinbit malware
2017-09-11 -- Blank Slate malspam pushes "Lukitus" variant Locky ransomware
2017-09-08 -- Locky ransomware infection
2017-09-08 -- EITest campaign fake AV alerts / HoeflerText popups
2017-09-07 -- "Lukitus" variant Locky ransomware
2017-09-07 -- EITest campaign still pushing HoeflerText popups for NetSupport RAT or pushing fake AV alerts
2017-09-06 -- Ursnif infection from Japanese malspam
2017-09-05 -- Grab bag
2017-09-04 -- Infostealer infection from Brazil malspam
2017-09-04 -- GlobeImposter ransomware (..txt file extensions)
2017-09-01 -- EITest campaign leads to HoflerText popups for NetSupport RAT or fake anti-virus pages

2017-08-31 -- Grab bag
2017-08-29 -- Terror EK seen using HTTPS
2017-08-28 -- Infostealer infection from Brazil malspam
2017-08-28 -- Fobos campaign Rig EK sends Bunitu
2017-08-25 -- Seamless campaign Rig EK sends Ramnit
2017-08-21 -- Hancitor infection with ZLoader
2017-08-21 -- Trickbot infection
2017-08-19 -- Infostealer infection from Brazil malspam
2017-08-16 -- Quick post: "Lukitus" variant Locky ransomware
2017-08-15 -- Files for an ISC diary (Trickbot)
2017-08-12 -- Trickbot activity
2017-08-11 -- "Diablo6" variant Locky ransomware
2017-08-10 -- Hancitor infection with ZLoader
2017-08-09 -- "Diablo6" variant of Locky ransomware
2017-08-08 -- Files for an ISC diary
2017-08-08 -- Quick post: GlobeImposter ransomware
2017-08-07 -- Infection from JavaScript (.js) file, possibly Ursnif
2017-08-04 -- Magnitude EK data dump
2017-08-03 -- Hancitor infection with ZLoader
2017-08-02 -- "Blank Slate" campaign pushes Gryphon ransomware (a BTCware variant)
2017-08-02 -- Malspam pushing GlobeImposter ransomware (.726 file extension)
2017-08-02 -- Hancitor infection
2017-08-02 -- Magnitude EK sends Cerber ransomware
2017-08-01 -- Rig EK from the HookAds campaign sends Dreambot

2017-07-31 -- GlobeImposter ransomware infection
2017-07-29 -- "Blank Slate" campaign pushes BTCware (Aleta variant) ransomware
2017-07-26 -- Files for an ISC diary (Emotet)
2017-07-24 -- Quick post: Hancitor infection with ZLoader
2017-07-24 -- Quick post: Trickbot
2017-07-23 -- EITest campaign HolflerText popup sends Mole ransomware
2017-07-21 -- Infostealer infection from Brazil malspam
2017-07-20 -- Hancitor infection with ZLoader
2017-07-18 -- NemucodAES ransomware
2017-07-17 -- Rig EK data dump (HookAds and Seamless campaigns)
2017-07-14 -- Another tech support scam popup message
2017-07-13 -- Files for an ISC diary (NemucodAES ransomware and Kovter)
2017-07-12 -- Infostealer infection from Brazil malspam
2017-07-10 -- Rig EK from the HookAds campaign
2017-07-10 -- Kovter and Nemucod ransomware infection
2017-07-07 -- Infostealer infection from Brazil malspam
2017-07-06 -- EITest campaign pushes tech support scam
2017-07-05 -- Malware infection from Japanese malspam
2017-07-04 -- Java-based RAT infection
2017-07-03 -- Kovter infection
2017-07-03 -- Hancitor infection with ZLoader

2017-06-30 -- Rig EK from HookAds campaign send Chthonic banking Trojan
2017-06-29 -- Kovter infection
2017-06-29 -- Hancitor infection with ZLoader
2017-06-28 -- Hancitor infection with ZLoader
2017-06-28 -- Files for an ISC diary ("Blank Slate" campaign)
2017-06-27 -- Hancitor infection with ZLoader
2017-06-26 -- Hancitor infection with ZLoader
2017-06-22 -- Locky ransomware infection
2017-06-21 -- Hancitor infection with ZLoader
2017-06-21 -- Rig EK sends Bunitu
2017-06-20 -- Rig EK from HookAds campaign sends Dreambot and Chthonic
2017-06-19 -- Rig EK from the HookAds campaign sends Dreambot
2017-06-16 -- Rig EK from the HookAds campaign
2017-06-16 -- Infostealer infection from Brazil malspam
2017-06-15 -- Hancitor infection with ZLoader
2017-06-15 -- Rig EK (HookAds and Seamless campaigns)
2017-06-14 -- Trickbot infection
2017-06-14 -- Hancitor infection with ZLoader
2017-06-13 -- Jaff ransomware infection
2017-06-12 -- Hancitor infection with ZLoader
2017-06-12 -- Trickbot infection
2017-06-12 -- Hawkeye infection
2017-06-12 -- Ursnif infection from Japanese malspam
2017-06-12 -- Lokibot infection
2017-06-09 -- EITest campaign still pushing tech support scams
2017-06-08 -- Hancitor infection with ZLoader
2017-06-08 -- Infostealer infection from Brazil malspam
2017-06-07 -- Hancitor infection with ZLoader
2017-06-07 -- Lokibot infection
2017-06-06 -- Hancitor infection with ZLoader
2017-06-06 -- Jaff ransomware infection
2017-06-06 -- RoughTed campaign Rig EK
2017-06-05 -- Dridex infection
2017-06-02 -- Seamless campaign continues using Rig EK to send Ramnit
2017-06-02 -- Dridex infection
2017-06-01 -- Hancitor infection with ZLoader
2017-06-01 -- Jaff ransomware infection
2017-06-01 -- Zeus Panda Banker infection

2017-05-31 -- Hancitor infection with ZLoader
2017-05-31 -- Luminosity RAT
2017-05-30 -- Rig EK sends Kovter
2017-05-30 -- Tech support scam from EITest campaign
2017-05-30 -- Hancitor infection with ZLoader
2017-05-26 -- EITest campaign pushes tech support scams, Rig EK, or HoeflerText popups
2017-05-26 -- Corebot infection
2017-05-25 -- EITest campaign pushing tech support scams in US and UK
2017-05-25 -- Jaff ransomware infection
2017-05-25 -- Hancitor infection with ZLoader
2017-05-24 -- Jaff ransomware infection
2017-05-23 -- Files for an ISC diary (Jaff ransomware)
2017-05-22 -- Jaff ransomware infection
2017-05-17 -- EITest HoeflerText popups sends Spora ransomware
2017-05-16 -- Hancitor infection with ZLoader
2017-05-16 -- More examples of Jaff ransomware
2017-05-15 -- My take on WannaCry ransomware
2017-05-15 -- The Jaff ransomware train keeps on rollin'
2017-05-12 -- Kovter infection
2017-05-12 -- Rig EK examples
2017-05-12 -- "Blank Slate" campaign continues pushing Cerber ransomware
2017-05-11 -- Jumping on the Jaff ransomware bandwagon
2017-05-11 -- Kovter infection
2017-05-10 -- Files for an ISC diary (Rig EK)
2017-05-10 -- Hancitor infection with ZLoader
2017-05-10 -- "Blank Slate" campaign pushes Cerber ransomware or GlobeImposter ransomware
2017-05-09 -- Hancitor infection with ZLoader
2017-05-09 -- Rig EK sends Bunitu
2017-05-05 -- "Blank Slate" campaign back to sending Cerber ransomware
2017-05-04 -- Hancitor infection with ZLoader
2017-05-04 -- Decimal IP campaign uses fake Flash Player site to send Smoke Loader
2017-05-03 -- "Blank Slate" campaign pushes GlobeImposter ransomware variant
2017-05-03 -- Unidentified malware from WhatsApp-themed malspam
2017-05-02 -- Hancitor infection with ZLoader
2017-05-02 -- Keeping it 100: "Blank Slate" campaign starts pushing Mordor ransomware
2017-05-01 -- Hancitor infection with ZLoader

2017-04-28 -- Corebot infection
2017-04-27 -- "Blank Slate" campaign still pushing Cerber ransomware, also exploiting CVE-2017-0199
2017-04-26 -- Hancitor infection with ZLoader
2017-04-26 -- Mole Ransomware and Kovter infections from emails impersonating USPS
2017-04-25 -- "Good Man" campaign Rig EK sends Latentbot
2017-04-24 -- Hancitor infection with ZLoader
2017-04-21 -- Locky ransomware infection
2017-04-21 -- Zeus Panda Banker, Kovter and Smoke Loader from fake Parking Service website
2017-04-20 -- "Blank Slate" campaign still pushing Cerber ransomware
2017-04-20 -- EITest campaign: Rig EK or HoeflerText Chrome popup
2017-04-19 -- Dridex infection
2017-04-19 -- Zeus Panda Banker, Kovter and Miuref infection
2017-04-18 -- Zeus Panda Banker, Kovter and Miuref infection
2017-04-18 -- EITest campaign: Rig EK or HoeflerText Chrome popup
2017-04-16 -- EITest campaign: Rig EK or HoeflerText Chrome popup
2017-04-15 -- EITest campaign: Rig EK or HoeflerText Chrome popup
2017-04-14 -- Gate leads to Terror EK, same gate later leads to Rig EK
2017-04-13 -- "Blank Slate" campaign still pushing Cerber ransomware, still using fake Chrome page
2017-04-13 -- What seems like Rig EK sends possible Smoke Loader payload
2017-04-11 -- Files for an ISC diary (Mole ransomware)
2017-04-10 -- Files for an ISC diary (Dridex)
2017-04-07 -- EITest campaign: Rig EK or HoeflerText Chrome popup
2017-04-06 -- EITest Rig EK from 109.234.36[.]165 sends Matrix ransomware variant
2017-04-06 -- "Blank Slate" campaign still pushing Cerber ransomware, still using fake Chrome page
2017-04-05 -- Hancitor infection
2017-04-05 -- Cerber ransomware and Kovter infection
2017-04-05 -- TeamViewer-based malware package (TeamSpy)
2017-04-05 -- Terror EK sends Andromeda
2017-04-04 -- Hancitor infection with ZLoader
2017-04-04 -- Cerber ransomware and Kovter infection
2017-04-03 -- EITest Rig EK from 5.101.77[.]137 sends MSIL/Matrix ransomware variant
2017-04-03 -- Ursnif and Pushdo infection
2017-04-03 -- Hancitor infection

2017-03-31 -- "Blank Slate" campaign still pushing Cerber ransomware
2017-03-30 -- Dridex infection
2017-03-30 -- Terror EK from 159.203.185[.]4
2017-03-29 -- Hancitor infection with ZLoader
2017-03-28 -- EITest Rig EK from 46.173.214[.]185 sends ransomware
2017-03-24 -- "Blank Slate" campaign tries fake Chrome install page
2017-03-23 -- "Quantum Code" scam
2017-03-22 -- Banload infection from Brazil malspam
2017-03-21 -- Files for an ISC diary ("Blank Slate" campaign pushes Cerber Ransomware)
2017-03-20 -- pseudoDarkleech Rig EK from 92.53.104[.]78 sends Cerber ransomware
2017-03-20 -- EITest Rig EK from 92.53.104[.]78 sends Cerber ransomware
2017-03-16 -- Hancitor infection with ZLoader
2017-03-15 -- "Blank Slate" campaign sends Cerber ransomware
2017-03-15 -- Hancitor infection with ZLoader
2017-03-15 -- EITest Rig EK sends Revenge ransomware
2017-03-15 -- pseudoDarkleech Rig EK sends Cerber ransomware
2017-03-15 -- Unidentified campaign Rig EK sends Zloader (DELoader)
2017-03-14 -- Kovter infection with Nemucod ransomware
2017-03-14 -- Hancitor infection with ZLoader
2017-03-14 -- "Blank Slate" campaign sends Cerber ransomware
2017-03-13 -- "Good Man" campaign Rig EK --> Godzilla Loader --> Zbot
2017-03-13 -- Hancitor infection with Zloader and SendSafe spambot traffic
2017-03-13 -- Kovter infection with Locky Ransomware
2017-03-10 -- "Blank Slate" campaign continues sending Cerber ransomware
2017-03-10 -- possible Banload infection from Brazil malspam
2017-03-10 -- EITest HoeflerText Chrome popup leads to Spora ransomware
2017-03-09 -- Rig EK sends Zbot
2017-03-08 -- Hancitor infection with ZLoader
2017-03-07 -- EITest Rig EK from 188.225.32[.]10 sends Dreambot
2017-03-07 -- Sundown EK
2017-03-06 -- Hancitor infection
2017-03-06 -- EITest HoeflerText Chrome popup leads to Spora ransomware
2017-03-04 -- Quick post: KaiXin EK from 220.170.89[.]153
2017-03-03 -- Shade (Troldesh) ransomware infection
2017-03-02 -- Nebula EK sends DiamondFox malware

2017-02-28 -- Hancitor infection with ZLoader
2017-02-28 -- "Blank Slate" campaign pushes Cerber ransomware
2017-02-28 -- EITest Rig EK from 81.177.140[.]75 sends CryptoShield ransomware
2017-02-27 -- Hancitor infection with ZLoader
2017-02-27 -- Rig EK examples (pseudoDarkleech and EITest campaigns)
2017-02-23 -- Hancitor infection with ZLoader
2017-02-23 -- EITest Rig EK from 188.225.35[.]79 sends Dreambot
2017-02-22 -- EITest HoeflerText Chrome popup leads to Spora ransomware
2017-02-22 -- pseudoDarkleech Rig EK from 81.177.6[.]153 sends Cerber ransomware
2017-02-21 -- Zeus Panda Banker infection
2017-02-21 -- Hancitor infection
2017-02-20 -- Unidentified malware infection
2017-02-18 -- Files for an ISC diary (Brazil malspam --> AutoIt-based malware package)
2017-02-16 -- Hancitor infections
2017-02-15 -- EITest HoeflerText Chrome popup leads to Spora ransomware
2017-02-14 -- EITest Rig EK sends CryptoShield ransomware
2017-02-14 -- EITest HoeflerText Chrome popup leads to Spora ransomware
2017-02-09 -- Files for an ISC diary (Hancitor)
2017-02-08 -- Files for an ISC diary (CryptoShield ransomware)
2017-02-08 -- "Blank Slate" campaign sends Cerber ransomware ransomware
2017-02-07 -- Hancitor infection
2017-02-06 -- pseudoDarkleech Rig EK from 194.87.94[.]37 sends Cerber ransomware
2017-02-06 -- Afraidgate Rig EK from 194.87.94[.]37 sends Godzilla Loader/Locky ransomware/something else
2017-02-06 -- Hancitor infection
2017-02-06 -- EITest Rig EK sends CryptoShield ransomware
2017-02-04 -- EITest fake Chrome popup leads to Spora ransomware
2017-02-02 -- "Blank Slate" campaign sends Cerber ransomware
2017-02-01 -- Hancitor infection with SendSafe spambot traffic

2017-01-31 -- Hancitor infection
2017-01-31 -- EITest Rig EK from 195.133.144[.]228 sends CryptoShield ransomware
2017-01-31 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-30 -- EITest fake Chrome popup leads to Spora ransomware
2017-01-30 -- Hancitor infection
2017-01-30 -- Afraidgate Rig-V from 194.87.94[.]4 sends Locky ransomware
2017-01-27 -- More Afraidgate Rig-V
2017-01-27 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-26 -- pseudoDarkleech Rig-V sends Cerber ransomware
2017-01-26 -- Afraidgate Rig-V sends Godzilla Loader / Locky ransomware / something else
2017-01-25 -- Hancitor infection with SendSafe spambot traffic
2017-01-25 -- Ursnif infection
2017-01-24 -- Ursnif infection
2017-01-24 -- EITest Rig-V from 89.223.29[.]254 sends CryptoMix ransomware
2017-01-24 -- pseudoDarkleech Rig-V from 89.223.29[.]254 sends Cerber ransomware
2017-01-23 -- "Blank Slate" campaign sends Cerber or Sage 2.0 ransomware
2017-01-23 -- EITest Rig-V from 89.223.29[.]252 sends CryptoMix ransomware
2017-01-21 -- Files for an ISC diary ("Blank Slate" campaign sends Cerber or Sage 2.0 ransomware)
2017-01-20 -- EITest Rig-V from 92.53.120[.]142 sends Cerber ransomware
2017-01-19 -- EITest Sundown EK from 93.190.143[.]82 sends Cerber ransomware
2017-01-19 -- pseudoDarkleech Rig-V sends Cerber ransomware
2017-01-19 -- EITest Rig-V from 92.53.119[.]137 sends Cerber ransomware
2017-01-18 -- pseudoDarkleech Rig-V and "Blank Slate" malspam back to sending Cerber ransomware
2017-01-18 -- pseudoDarkleech Rig-V and "Blank Slate" malspam stop sending Cerber ransomware
2017-01-17 -- EITest Rig-V from 92.53.127[.]86 sends Spora ransomware
2017-01-17 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-13 -- Android malware
2017-01-13 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-13 -- Afraidgate Rig-V from 92.53.120[.]233 sends "Osiris" variant Locky
2017-01-13 -- pseudoDarkleech Rig-V from 92.53.120[.]233 sends Cerber ransomware
2017-01-13 -- EITest Rig-V from 92.53.120[.]233 sends CryptoMix ransomware
2017-01-12 -- Hancitor infection with Pony and Vawtrak
2017-01-12 -- EITest Rig-V from 81.177.139[.]122 sends CryptoMix ransomware
2017-01-11 -- Rig-V from 109.234.38[.]150
2017-01-10 -- Files for an ISC diary (Hancitor infection with Pony and Vawtrak)
2017-01-10 -- EITest Rig-V from 92.53.124[.]185 sends CryptoMix ransomware
2017-01-09 -- Zeus Panda Banker infection
2017-01-09 -- pseudoDarkleech Rig-V from 194.87.94[.]227 sends Cerber ransomware
2017-01-09 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-08 -- Files for an ISC diary (Merry Xmas ransomware)
2017-01-06 -- Sundown EK from 188.165.163[.]226 and 93.190.143.201
2017-01-06 -- pseudoDarkleech Rig-V from 92.53.119[.]69 sends Cerber ransomware
2017-01-05 -- Brazil-targeted malware infection
2017-01-05 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-05 -- pseudoDarkleech Rig-V sends Cerber ransomware
2017-01-04 -- "Blank Slate" campaign sends Cerber ransomware
2017-01-04 -- pseudoDarkleech Rig-V from 194.87.232[.]6 sends Cerber ransomware
2017-01-03 -- pseudoDarkleech Rig-V from 46.30.42[.]31 sends Cerber ransomware
2017-01-03 -- Brazil-targeted malware infection
2017-01-02 -- pseudoDarkleech Rig-V from 109.234.36[.]210 sends Cerber ransomware
2017-01-01 -- pseudoDarkleech Rig-V from 109.234.36[.]133 sends Cerber ransomware

Click here to return to the main page.

Copyright © 2025 | Malware-Traffic-Analysis.net