2020-07-17 - QUICK POST: EMOTET INFECTION

ASSOCIATED FILES:

REFERENCE:

NOTES:

 

IMAGES


Shown above:  Chain of events for this infection.

 


Shown above:  Checking a link I found for an Emotet Word doc.

 


Shown above:  Screenshot of the downloaded Word document.

 


Shown above:  Traffic from the infection filtered in Wireshark.

 


Shown above:  Emotet persistent on the infected Windows host.

 
