Malware-Traffic-Analysis.net - 2017-08-08 - Quick post: GlobeImposter ransomware

2017-08-08 - QUICK POST: GLOBEIMPOSTER RANSOMWARE

NOTICE:

The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.

ASSOCIATED FILES:

2017-08-08-GlobeImposter-ransomware-emails-and-malware.zip 309.0 kB (308,971 bytes)
2017-08-08-GlobeImposter-email-tracker.csv.zip 1.1 kB (1,076 bytes)
2017-08-08-GlobeImposter-ransomware-traffic.pcap.zip 229.6 kB (229,583 bytes)

NOTES:

Just documenting what several people have already tweeted about.
Today's GlobeImposter ransomware used ..txt as the file extension for encrypted files.
Read_ME.html was used for the ransom payment instructions.

Shown above: Some information from the spreadsheet tracker.

Click here to return to the main page.