Angler EK from 185.46.11.16 sends TeslaCrypt – Admedia gate

ASSOCIATED DOMAINS:

  • superlonglife.at – COMPROMISED SITE
  • 93.171.217.56 – css.zolotcekristina.info GET /hellomylittlepiggy/ – Admedia gate
  • 185.46.11.16 – weru.grewonafarm.com – Angler Exploit Kit
  • 194.228.3.204 – opravnatramvaji.cz POST /modules/mod_search/wstr.php – Post infection traffic [TeslaCrypt]

 

IMAGES:

MORE DETAILS TO FOLLOW SHORTLY.