Category: Malware-Traffic-Analysis.net – Blog Entries

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-07-23: Ten days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-07-08: Koi Loader/Koi Stealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-07-15: Lumma Stealer infection with SecTop RAT

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-07-02: Koi Loader/Koi Stealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-07-02: Lumma Stealer infection with follow-up Rsockstun malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-26: Lumma Stealer infection with follow-up malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-21: Koi Loader/Koi Stealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-20: Malware disguised as cracked version of popular software

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-18: SmartApeSG to ClickFix lure to NetSupport RAT to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-13: Traffic analysis exercise: It’s a trap!

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-06-10: Ten days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-05-31: Ten days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-05-22: StealC v2 infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-05-27: VIP Recovery infection from email attachment

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-04-13: Twelve days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-04-04: KongTuke activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-03-26: SmartApeSG traffic for fake browser update leads to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-03-03: Three days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-03-03: Three days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-02-18: SmartApeSG script for fake browser update leads to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-02-13: Quick post: ClickFix style infection for Lumma Stealer

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-02-10: StrelaStealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-02-07: Three days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-31: Two pcaps of AgentTesla-style data exfil, one using…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-28: Malware infection from web inject activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-30: XLoader infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-28: Malwre infection from web inject activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-23: Fake installer leads to Koi Loader/Koi Stealer

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-22: Traffic Analysis Exercise – Download from fake software…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-21: Quick post for Koi Loader/Koi Stealer activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-09: CVE-2017-0199 XLS –> HTA –> VBS –> steganography…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-01-04: Four days of scans and probes and web…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-12-18 – One week of server scans and probes…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-12-17 – SmartApeSG injected script leads to NetSupport RAT

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-12-04 – AgentTesla variant using FTP

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-11-14 – Raspberry Robin infection using WebDAV server

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-10-17 – Two days of server scans and probes…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-10-23 – Redline Stealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-10-07 – Data dump (Formbook, possible Astaroth/Guildma, Redline Stealer,…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-10-01 – Ukrainian language malspam pushes RMS-based malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-10-03 – SmartLoader to Lumma Stealer

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-19 – File downloader to Lumma Stealer

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-16 – Snake KeyLogger (VIP Recovery) infection, SMTP exfil

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-17 – Snake KeyLogger (VIP Recovery) infection, FTP exfil

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-16 – Snake KeyLogger activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-12 – Approximately 11 days of server scans and…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-11 – Data dump: Remcos RAT and XLoader (Formbook)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-09-04 – Traffic Analysis Exercise: Big Fish in a…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-08-30 – Approximately 11 days of server scans and…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-08-29 – Phishing email and traffic to fake webmail…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-08-26 – GuLoader for Remcos RAT

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-08-15 – Traffic analysis exercise: WarmCookie

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-07-30 – Traffic analysis exercise: You dirty rat!

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-25 – Latrodectus infection with BackConnect and Keyhole VNC

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-24 – ClickFix popup leads to Lumma Stealer

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-17 – Google ad –> fake unclaimed funds site…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-12 – Google ad –> fake unclaimed funds site…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-11 – Traffic example of a CVE-2024-4577 probe

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-12 – KoiLoader/KoiStealer infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-10 – Malspam pushing OriginLogger (AgentTesla)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-06-08: Three days of server scans and probes

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-05-14: DarkGate activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-05-09: GootLoader activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-18: Word macro –> SSLoad –> Cobalt Strike

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-17: TA578 pushes SSLoad malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-15: Contact Forms campaign leads to SSLoad malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-09: Data dump from Latrodectus malware infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-05: Data dump from Astaroth (Guildma) malware infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-04-04: Koi Loader/Stealer activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-03-26: Google ad leads to Matanbuchus infection with Danabot

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-03-19: DarkGate infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-03-14: AsyncRAT and XWorm infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-03-13: GootLoader activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-02-09, 02-22 and 02-23 – Data dump: Latrodectus from…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-02-21 – Parrot TDS –> SogGholish –> Aysnc RAT

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-02-14 – Danabot infection from Italian malspam

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-02-08 – Pikabot infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-01-25 – DarkGate activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2024-01-23 – UltraVNC infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-30 – DarkGate activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-29 – email –> JinxLoader –> Formbook/XLoader

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-27 – TA577 pushes IcedID (Bokbot) variant

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-22 – AgentTesla infection with FTP data exfil

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-20 – DarkGate infection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-11-02 – TA577 Pikabot activity

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2023-10-31 – IcedID (Bokbot) infection

Read more →