2019-03-06 - QUICK POST: KOREAN MALSPAM PUSHES FLAWED AMMYY RAT MALWARE

ASSOCIATED FILES:

NOTES:

 


Shown above:  Screenshot of Korean malspam pushing Flawed Ammyy RAT malware (1 of 2).

 


Shown above:  Screenshot of Korean malspam pushing Flawed Ammyy RAT malware (2 of 2).

 


Shown above:  Traffic from an infection filtered in Wireshark.

 


Shown above:  Post-infection traffic over TCP port 80 caused by Flawed Ammyy RAT malware.

 


Shown above:  Post-infection traffic over TCP port 443 caused by Flawed Ammyy RAT malware.

 

Click here to return to the main page.