2017-08-08 - QUICK POST: MALSPAM PUSHING GLOBEIMPOSTER RANSOMWARE
ASSOCIATED FILES:
- Zip archive of the emails, malware, and artifacts: 2017-08-08-GlobeImposter-malspam-and-artifacts.zip 305 kB (305,003 bytes)
- Zip archive of the spreadsheet tracker: 2017-08-08-GlobeImposter-malspam-tracker.csv.zip 1.1 kB (1,080 bytes)
- Zip archive of the pcap: 2017-08-08-GlobeImposter-malspam-traffic.pcap.zip 230 kB (229,577 bytes)
ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
NOTES:
- Just documenting what several people have already tweeted about.
- Today's GlobeImposter ransomware used ..txt as the file extension for encrypted files.
- Read_ME.html was used for the ransom payment instructions.
Shown above: Some information from the spreadsheet tracker.
Click here to return to the main page.