2017-09-18 - EMOTET INFECTION

NOTICE:

ASSOCIATED FILES:

  • 2017-09-18-Emotet-infection-traffic.pcap   (691,065 bytes)
  • 2017-09-18-Emotet-malspam-1433-UTC.eml   (1,318 bytes)
  • Invoice_5499.doc   (65,024 bytes)
  • MIKxorREXp.exe   (90,112 bytes)

 

TWEETS NOTED ABOUT TODAY'S WAVE OF #EMOTET MALSPAM:

 

EMAIL


Shown above:  Screenshot from an email seen on 2017-09-18.

 

HEADER INFORMATION:

 


Shown above:  Malicious Word document downloaded from link in the email.

 

TRAFFIC


Shown above:  Traffic from the infection filtered in Wireshark.

 

ASSOCIATED TRAFFIC:

 

MALWARE

WORD DOCUMENT DOWNLOADED FROM EMAIL LINK:

FOLLOW-UP MALWARE (EMOTET):

 
