Malware traffic analysis


2024-06-12 -- 2024-06-11 - KoiLoader/KoiStealer infection

2024-06-11 -- 2024-06-11 - Traffic example of a CVE-2024-4577 probe

2024-06-10 -- 2024-06-10 - Malspam pushing OriginLogger (AgentTesla)

2024-06-08 -- 2024-06-08 - Three days of server scans and probes

2024-05-14 -- 2024-05-14 - DarkGate activity

2024-05-09 -- 2024-05-09 - GootLoader activity

2024-04-18 -- 2024-04-18 - Word macro --> SSLoad --> Cobalt Strike

2024-04-17 -- 2024-04-17 - TA578 pushes SSLoad malware

2024-04-15 -- 2024-04-15 - Contact Forms campaign pushing SSLoad malware

2024-04-09 -- 2024-04-09 - Data dump from Latrodectus infection

2024-04-05 -- 2024-04-05 - Data dump from Astaroth (Guildma) malware infection

2024-04-04 -- 2024-04-04 - Koi Loader/Stealer activity

2024-03-26 -- 2024-03-26 - Google ad leads to Matanbuchus infection with Danabot

2024-03-19 -- 2024-03-19 - DarkGate infection

2024-03-14 -- 2024-03-14 - AsyncRAT and XWorm infection

2024-03-13 -- 2024-03-13 - GootLoader activity

2024-03-07 -- 2024-03-07 - Latrodectus infection leads to Lumma Stealer

2024-03-06 -- 2024-03-06 - Pikabot infection leads to Meduza Stealer

2024-02-23 -- 2024-02-09, 02-22 and 02-23 - Data dump: Latrodectus from Contact Forms campaign

2024-02-21 -- 2024-02-21 - Parrot TDS --> SocGholish --> Async RAT

2024-02-14 -- 2024-02-14 - Danabot infection from Italian malspam

2024-02-08 -- 2024-02-08 - Pikabot infection

2024-01-30 -- 2024-01-30 - DarkGate activity

2024-01-25 -- 2024-01-25 - DarkGate activity

2024-01-23 -- 2024-01-23 - UltraVNC infection

2024-01-19 -- 2024-01-19 - GootLoader infection

2024-01-17 -- 2024-01-17 - Malspam pushes WikiLoader

2024-01-12 -- 2024-01-12 - Malspam distributing StealC malware

2024-01-09 -- 2024-01-09 - Async RAT infection

2024-01-08 -- 2024-01-08 - GootLoader infection