2017-03-31 - "BLANK SLATE" MALSPAM STILL PUSHING CERBER

ASSOCIATED FILES:

 

BACKGROUND:

OTHER NOTES:

 

EMAILS


Shown above:  Screen shot from the spreadsheet tracker.  Review that document for more details.

 

TRAFFIC

HTTP TRAFFIC FOR THE RANSOMWARE:

HTTP TRAFFIC FOR RANSOMWARE DOWNLOAD FROM FAKE CHROME INSTALL PAGE:

 

MALWARE

SHA256 HASHES FOR RANSOMWARE SAMPLES:

 

IMAGES


Shown above:  No more emails seen, but these fake Chrome install pages are still a thing.

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
